CVE-2021-36053

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:adobe:xmp_toolkit_software_development_kit:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

21 Nov 2024, 06:13

Type Values Removed Values Added
References () https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html - Patch, Vendor Advisory () https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html - Patch, Vendor Advisory
References () https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html - Mailing List, Third Party Advisory

19 Oct 2023, 20:51

Type Values Removed Values Added
First Time Debian debian Linux
Debian
References (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html - (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html - Mailing List, Third Party Advisory
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

26 Sep 2023, 01:15

Type Values Removed Values Added
References
  • (MLIST) https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html -

Information

Published : 2021-09-01 15:15

Updated : 2024-11-21 06:13


NVD link : CVE-2021-36053

Mitre link : CVE-2021-36053

CVE.ORG link : CVE-2021-36053


JSON object : View

Products Affected

adobe

  • xmp_toolkit_software_development_kit

debian

  • debian_linux
CWE
CWE-125

Out-of-bounds Read