Lucene search
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.ADOBE_PREMIERE_PRO_APSB21-67.NASLHistorySep 16, 2021 - 12:00 a.m.
Adobe Premiere Pro < 15.4.1 Arbitrary Code Execution (APSB21-67)
2021-09-1600:00:00
This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37
The version of Adobe Premiere Pro installed on the remote Windows host is prior to 15.4.1. It is, therefore, affected by memory access vulnerabilities that could lead to arbitrary code execution.
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(153439);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/01/26");
script_cve_id("CVE-2021-40710", "CVE-2021-40715");
script_xref(name:"IAVA", value:"2021-A-0420-S");
script_name(english:"Adobe Premiere Pro < 15.4.1 Arbitrary Code Executionâ¯(APSB21-67)");
script_set_attribute(attribute:"synopsis", value:
"Adobe Premiere Pro installed on the remote Windows host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Adobe Premiere Pro installed on the remote Windows host is prior to 15.4.1. It is, therefore, affected
by memory access vulnerabilities that could lead to arbitrary code execution.
Note that Nessus has not attempted to exploit these issues but has instead relied only on the application's
self-reported version number.");
script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/premiere_pro/apsb21-67.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Premiere Pro version 15.4.1 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-40715");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/09/14");
script_set_attribute(attribute:"patch_publication_date", value:"2021/09/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/09/16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:premiere_pro");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:premiere_pro_cc");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("adobe_premiere_pro_installed.nasl");
script_require_keys("installed_sw/Adobe Premiere Pro", "SMB/Registry/Enumerated");
exit(0);
}
include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');
var app_info = vcf::get_app_info(app:'Adobe Premiere Pro', win_local:TRUE);
var constraints = [{'fixed_version': '15.4.1'}];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | premiere_pro | cpe:/a:adobe:premiere_pro | |
| adobe | premiere_pro_cc | cpe:/a:adobe:premiere_pro_cc |
Related
openvas
openvas
prion
prion
Memory corruption
2021-09-29 16:15:00
Memory corruption
2021-09-29 16:15:00
cnvd
cnvd
cvelist
cvelist
cve
cve
CVE-2021-40710
2021-09-29 16:15:00
CVE-2021-40715
2021-09-29 16:15:00
Related for ADOBE_PREMIERE_PRO_APSB21-67.NASL