Acrobat Bridge versions 11.1.1 and earlier are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/bridge/apsb21-94.html | Vendor Advisory |
https://helpx.adobe.com/security/products/bridge/apsb21-94.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 06:28
Type | Values Removed | Values Added |
---|---|---|
References | () https://helpx.adobe.com/security/products/bridge/apsb21-94.html - Vendor Advisory |
15 Apr 2022, 15:23
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://helpx.adobe.com/security/products/bridge/apsb21-94.html - Vendor Advisory |
16 Mar 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
CWE | CWE-416 | |
Summary | Acrobat Bridge versions 11.1.1 and earlier are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
17 Nov 2021, 18:33
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 7.8 |
References | (MISC) https://helpx.adobe.com/security/products/media-encoder/apsb21-70.html - Vendor Advisory | |
CWE | CWE-119 | |
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:* |
17 Nov 2021, 02:29
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-16 21:15
Updated : 2024-11-21 06:28
NVD link : CVE-2021-42721
Mitre link : CVE-2021-42721
CVE.ORG link : CVE-2021-42721
JSON object : View
Products Affected
microsoft
- windows
adobe
- media_encoder
CWE
CWE-416
Use After Free