mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
101 lines
3.8 KiB
JSON
101 lines
3.8 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "psirt@adobe.com",
|
|
"DATE_PUBLIC": "2021-04-13T23:00:00.000Z",
|
|
"ID": "CVE-2021-21094",
|
|
"STATE": "PUBLIC",
|
|
"TITLE": "Adobe Bridge PDF File Parsing Out-Of-Bounds Write vulnerability could lead to arbitrary code execution"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Bridge",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<=",
|
|
"version_value": "11.0.1"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_value": "10.1.1"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_value": "None"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_value": "None"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Adobe"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": {
|
|
"attackComplexity": "Low",
|
|
"attackVector": "Local",
|
|
"availabilityImpact": "High",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "High",
|
|
"confidentialityImpact": "High",
|
|
"integrityImpact": "High",
|
|
"privilegesRequired": "None",
|
|
"scope": "Unchanged",
|
|
"userInteraction": "Required",
|
|
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
|
"version": "3.1"
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Out-of-bounds Write (CWE-787)"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"refsource": "MISC",
|
|
"url": "https://helpx.adobe.com/security/products/bridge/apsb21-23.html",
|
|
"name": "https://helpx.adobe.com/security/products/bridge/apsb21-23.html"
|
|
},
|
|
{
|
|
"refsource": "MISC",
|
|
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-416/",
|
|
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-416/"
|
|
}
|
|
]
|
|
},
|
|
"source": {
|
|
"discovery": "EXTERNAL"
|
|
}
|
|
} |