XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
References
| Link | Resource |
|---|---|
| https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html | Patch Vendor Advisory |
| https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html | Mailing List Third Party Advisory |
| https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html | Patch Vendor Advisory |
| https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html | Mailing List Third Party Advisory |
Configurations
History
21 Nov 2024, 06:13
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html - Patch, Vendor Advisory | |
| References | () https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html - Mailing List, Third Party Advisory |
19 Oct 2023, 20:48
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | |
| References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html - Mailing List, Third Party Advisory | |
| First Time |
Debian debian Linux
Debian |
26 Sep 2023, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Information
Published : 2021-09-01 15:15
Updated : 2024-11-21 06:13
NVD link : CVE-2021-36048
Mitre link : CVE-2021-36048
CVE.ORG link : CVE-2021-36048
JSON object : View
Products Affected
adobe
- xmp_toolkit_software_development_kit
debian
- debian_linux
CWE
CWE-20
Improper Input Validation