CVE-2021-21092 · CVEKit

cve.orgen

388 chars

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

NVDen

388 chars

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

NVDes

473 chars

Adobe Bridge versiones 10.1.1 (y anteriores) y versiones 11.0.1 (y anteriores) están afectadas por una vulnerabilidad de corrupción de la memoria cuando analiza un archivo especialmente diseñado. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitraria en el contexto del usuario actual. Es requerida una interacción del usuario para explotar este problema, ya que la víctima debe abrir un archivo malicioso

CVSS metrics across sources

4

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	cve.org	7.8	—	—	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H