Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html | Vendor Advisory |
https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:47
Type | Values Removed | Values Added |
---|---|---|
References | () https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html - Vendor Advisory |
Information
Published : 2021-04-15 14:15
Updated : 2024-11-21 05:47
NVD link : CVE-2021-21100
Mitre link : CVE-2021-21100
CVE.ORG link : CVE-2021-21100
JSON object : View
Products Affected
apple
- macos
adobe
- digital_editions
CWE
CWE-379
Creation of Temporary File in Directory with Insecure Permissions