Lucene search

PRIOn knowledge basePRION:CVE-2021-21092

HistoryApr 15, 2021 - 2:15 p.m.

Memory corruption

2021-04-1514:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CPENameOperatorVersion
bridgege10.0
bridgele10.1.1
bridgege11.0
bridgele11.0.1

Name	Operator	Version
bridge	ge	10.0
bridge	le	10.1.1
bridge	ge	11.0
bridge	le	11.0.1

References

helpx.adobe.com/security/products/bridge/apsb21-23.html

www.zerodayinitiative.com/advisories/ZDI-21-415/

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

47.2%

JSON

Related for PRION:CVE-2021-21092