Adobe Prelude up to 10.1 MXF File buffer overflow

EntryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Adobe Prelude up to 10.1 and classified as critical. Affected by this issue is an unknown part of the component MXF File Handler. Upgrading eliminates this vulnerability.

Field11/22/2021 07:48 PM11/25/2021 04:24 PM
vendorAdobeAdobe
namePreludePrelude
version<=10.1<=10.1
componentMXF File HandlerMXF File Handler
cwe120 (memory corruption)120 (memory corruption)
risk22
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss3_cna_avLL
cvss3_cna_acLL
cvss3_cna_prNN
cvss3_cna_uiRR
cvss3_cna_sUU
cvss3_cna_cHH
cvss3_cna_iHH
cvss3_cna_aHH
identifierapsb21-96apsb21-96
urlhttps://helpx.adobe.com/security/products/prelude/apsb21-96.htmlhttps://helpx.adobe.com/security/products/prelude/apsb21-96.html
nameUpgradeUpgrade
cveCVE-2021-42738CVE-2021-42738
cve_assigned16345944001634594400
cve_cnaAdobe Systems IncorporatedAdobe Systems Incorporated
date1637535600 (11/22/2021)1637535600 (11/22/2021)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss3_cna_basescore7.87.8
cvss2_vuldb_basescore7.57.5
cvss2_vuldb_tempscore6.56.5
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.06.0
cvss3_meta_basescore7.07.0
cvss3_meta_tempscore6.96.9
price_0day$5k-$25k$5k-$25k
cve_nvd_summaryAdobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

Want to stay up to date on a daily basis?

Enable the mail alert feature now!