CVE-2021-36047

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:adobe:xmp_toolkit_software_development_kit:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

27 Oct 2021, 01:47

Type Values Removed Values Added
CPE cpe:2.3:a:adobe:xmp_toolkit_sdk:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:xmp_toolkit_software_development_kit:*:*:*:*:*:*:*:*

08 Sep 2021, 19:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8
v2 : 9.3
v3 : 7.8
References (MISC) https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html - (MISC) https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html - Patch, Vendor Advisory
CPE cpe:2.3:a:adobe:xmp_toolkit_sdk:*:*:*:*:*:*:*:*

01 Sep 2021, 15:19

Type Values Removed Values Added
New CVE

Information

Published : 2021-09-01 15:15

Updated : 2024-02-04 21:47


NVD link : CVE-2021-36047

Mitre link : CVE-2021-36047

CVE.ORG link : CVE-2021-36047


JSON object : View

Products Affected

debian

  • debian_linux

adobe

  • xmp_toolkit_software_development_kit
CWE
CWE-20

Improper Input Validation