Lucene search
AdobeCVELIST:CVE-2021-40739HistoryOct 26, 2021 - 12:00 a.m.
CVE-2021-40739 Adobe Audition Memory Corruption could lead to Arbitrary code execution
2021-10-2600:00:00
CWE-788
adobe
www.cve.org
4
adobe audition
memory corruption
cve-2021-40739
m4a file
arbitrary code execution
user interaction
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
35.4%
Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability when parsing a M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CNA Affected
[
{
"product": "Audition",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "14.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "None",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Memory corruption
2022-03-16 15:15:00
cve
cve
CVE-2021-40739
2022-03-16 15:15:12
cnvd
cnvd
Adobe Audition Arbitrary Code Execution Vulnerability (CNVD-2022-00591)
2021-10-27 00:00:00
nvd
nvd
CVE-2021-40739
2022-03-16 15:15:12
nessus
nessus
Adobe Audition < 14.4.2 Multiple Vulnerabilities (APSB21-92)
2021-10-29 00:00:00
adobe
adobe
APSB21-92 : Security update available for Adobe Audition
2021-10-26 00:00:00
threatpost
threatpost
Adobe's Surprise Security Bulletin Dominated by Critical Patches
2021-10-27 19:13:47
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
35.4%
Related for CVELIST:CVE-2021-40739