Adobe Bridge à 11.0 TTF File buffer overflow

Une vulnérabilité a été trouvé dans Adobe Bridge à 11.0 et classée critique. Affecté par ce problème est une fonction inconnue du composant TTF File Handler. Mettre à jour élimine cette vulnérabilité.

Domaine	14/01/2021 13:19	14/02/2021 11:09	14/02/2021 11:16
name	Upgrade	Upgrade	Upgrade
cve	CVE-2021-21013	CVE-2021-21013	CVE-2021-21013
vendor	Adobe	Adobe	Adobe
name	Bridge	Bridge	Bridge
version	<=11.0	<=11.0	<=11.0
component	TTF File Handler	TTF File Handler	TTF File Handler
cwe	787 (buffer overflow)	787 (buffer overflow)	787 (buffer overflow)
risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	R	R	R
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rl	O	O	O
cvss3_vuldb_rc	C	C	C
url	https://helpx.adobe.com/security/products/bridge/apsb21-07.html	https://helpx.adobe.com/security/products/bridge/apsb21-07.html	https://helpx.adobe.com/security/products/bridge/apsb21-07.html
date	1610578800 (14/01/2021)	1610578800 (14/01/2021)	1610578800 (14/01/2021)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	C	C	C
cvss2_vuldb_rl	OF	OF	OF
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	7.5	7.5	7.5
cvss2_vuldb_tempscore	7.5	6.5	6.5
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	6.3	6.0	6.0
cvss3_meta_basescore	6.3	6.3	7.0
cvss3_meta_tempscore	6.3	6.0	6.7
price_0day	$5k-$25k	$5k-$25k	$5k-$25k
cve_assigned		1608246000	1608246000
cve_nvd_summary		Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitation could lead to sensitive information disclosure.	Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitation could lead to sensitive information disclosure.
cvss3_nvd_av			L
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			R
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss2_nvd_av			N
cvss2_nvd_ac			M
cvss2_nvd_au			N
cvss2_nvd_ci			P
cvss2_nvd_ii			P
cvss2_nvd_ai			P
cve_cna			Adobe Systems Incorporated
cvss2_nvd_basescore			6.8
cvss3_nvd_basescore			7.8

◂ Précédent Aperçu Suivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!