Lucene search
AdobeCVELIST:CVE-2021-40738HistoryMar 16, 2022 - 2:03 p.m.
CVE-2021-40738 Adobe Audition WAV file Memory corruption could lead to Arbitrary code execution
2022-03-1614:03:27
CWE-788
adobe
www.cve.org
4
adobe
audition
wav file
memory corruption
arbitrary code execution
user interaction
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.9%
Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CNA Affected
[
{
"product": "Audition",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "14.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Memory corruption
2022-03-16 15:15:00
nvd
nvd
CVE-2021-40738
2022-03-16 15:15:12
cve
cve
CVE-2021-40738
2022-03-16 15:15:12
cnvd
cnvd
Adobe Audition Arbitrary Code Execution Vulnerability (CNVD-2022-00592)
2021-10-27 00:00:00
adobe
adobe
APSB21-92 : Security update available for Adobe Audition
2021-10-26 00:00:00
nessus
nessus
Adobe Audition < 14.4.2 Multiple Vulnerabilities (APSB21-92)
2021-10-29 00:00:00
threatpost
threatpost
Adobe's Surprise Security Bulletin Dominated by Critical Patches
2021-10-27 19:13:47
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
39.9%
Related for CVELIST:CVE-2021-40738