CVE-2021-28620

Adobe Animate version 21.0.6 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*

History

30 Aug 2021, 20:32

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : 6.8
v3 : 7.8
CPE cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
References (MISC) https://helpx.adobe.com/security/products/animate/apsb21-50.html - (MISC) https://helpx.adobe.com/security/products/animate/apsb21-50.html - Patch, Vendor Advisory

24 Aug 2021, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2021-08-24 19:15

Updated : 2024-02-04 21:47


NVD link : CVE-2021-28620

Mitre link : CVE-2021-28620

CVE.ORG link : CVE-2021-28620


JSON object : View

Products Affected

microsoft

  • windows

adobe

  • animate
CWE
CWE-122

Heap-based Buffer Overflow