mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
130 lines
4.1 KiB
JSON
130 lines
4.1 KiB
JSON
{
|
|
"id": "CVE-2021-43755",
|
|
"sourceIdentifier": "psirt@adobe.com",
|
|
"published": "2022-06-15T20:15:17.440",
|
|
"lastModified": "2022-06-24T17:05:39.237",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Adobe After Effects versiones 22.0 (y anteriores) y 18.4.2 (y anteriores), est\u00e1n afectadas por una vulnerabilidad de corrupci\u00f3n de memoria debido a un manejo no seguro de un archivo malicioso, que puede resultar en una ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Es requerida la interacci\u00f3n del usuario para explotar esta vulnerabilidad"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "psirt@adobe.com",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "REQUIRED",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 7.8,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 5.9
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 6.8
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "psirt@adobe.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-788"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "18.4.2",
|
|
"matchCriteriaId": "72865AD1-349D-4960-B0C5-DC622BF08C9C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "22.0",
|
|
"versionEndExcluding": "22.1.1",
|
|
"matchCriteriaId": "21A4435A-A7A4-4092-8968-AA5518898EB2"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://helpx.adobe.com/security/products/after_effects/apsb21-115.html",
|
|
"source": "psirt@adobe.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |