CVE-2024-52987: 
NixOS vulnerability analysis and mitigation

Adobe Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow vulnerability identified as CVE-2024-52987. The vulnerability was disclosed on December 10, 2024, and affects both Windows and macOS operating systems. This security issue was reported by Adobe Systems Incorporated and has been assigned a high severity rating with a CVSS v3.1 base score of 7.8 (NVD, Adobe Advisory).

The vulnerability is classified as an Integer Underflow (Wrap or Wraparound) issue, categorized under CWE-191. The CVSS v3.1 vector string is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access vector, low attack complexity, no privileges required, user interaction required, and high impact on confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user. The high severity rating indicates significant potential impact on system security, affecting both confidentiality and integrity of the system (NVD).

Adobe has addressed this vulnerability by releasing updated versions of the software. Users running Animate version 23.0.8 should update to version 23.0.9 or later, while users on version 24.0.5 should update to version 24.0.6 or later (NVD).