XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html | Patch Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html | Mailing List Third Party Advisory |
Configurations
History
27 Oct 2021, 01:47
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:adobe:xmp_toolkit_software_development_kit:*:*:*:*:*:*:*:* |
08 Sep 2021, 19:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 7.8 |
References | (MISC) https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html - Patch, Vendor Advisory | |
CPE | cpe:2.3:a:adobe:xmp_toolkit_sdk:*:*:*:*:*:*:*:* |
01 Sep 2021, 15:19
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-09-01 15:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-36047
Mitre link : CVE-2021-36047
CVE.ORG link : CVE-2021-36047
JSON object : View
Products Affected
debian
- debian_linux
adobe
- xmp_toolkit_software_development_kit
CWE
CWE-20
Improper Input Validation