Lucene search

China National Vulnerability DatabaseCNVD-2022-08206

HistoryJan 13, 2022 - 12:00 a.m.

Adobe Bridge resource management error vulnerability

2022-01-1300:00:00

China National Vulnerability Database

www.cnvd.org.cn

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

JSON

Adobe Bridge is a file viewer from Adobe, Inc. Adobe Bridge is vulnerable to a resource management error that originates from a use-after-free error when processing files. A remote attacker could use the vulnerability to trick victims into opening specially crafted files, trigger a use-after-free error and gain access to sensitive information.

CPENameOperatorVersion
adobe bridgeeq12.0
adobe bridgelt11.1.3

CPE	Name	Operator	Version
	adobe bridge	eq	12.0
	adobe bridge	lt	11.1.3

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

JSON

Related for CNVD-2022-08206