Lucene search

[email protected]CVE-2021-26025

HistoryJan 26, 2021 - 6:16 p.m.

CVE-2021-26025

2021-01-2618:16:23

CWE-863

[email protected]

web.nvd.nist.gov

cve-2021-26025

acdsee professional

user mode write access violation

security vulnerability

bmp image

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.4%

JSON

PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access Violation starting at IDE_ACDStd!zlibVersion+0x0000000000004e5e via a crafted BMP image.

Affected configurations

NVD

Node

acdseephoto_studio_2021Match14.0build_1721professional

CPENameOperatorVersion
acdsee:photo_studio_2021acdsee photo studio 2021eq14.0

CPE	Name	Operator	Version
acdsee:photo_studio_2021	acdsee photo studio 2021	eq	14.0

References

github.com/secluck/pentest/blob/main/000022.md

Social References

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

27.4%

JSON

Related for CVE-2021-26025

prion1 nvd1 cvelist1