Adobe Bridge à 11.0 TTF File buffer overflow

entréeeditHistoryDiffjsonxmlCTI

Une vulnérabilité a été trouvé dans Adobe Bridge à 11.0 et classée critique. Affecté par ce problème est une fonction inconnue du composant TTF File Handler. Mettre à jour élimine cette vulnérabilité.

Domaine14/01/2021 13:1914/02/2021 11:0914/02/2021 11:16
nameUpgradeUpgradeUpgrade
cveCVE-2021-21013CVE-2021-21013CVE-2021-21013
vendorAdobeAdobeAdobe
nameBridgeBridgeBridge
version<=11.0<=11.0<=11.0
componentTTF File HandlerTTF File HandlerTTF File Handler
cwe787 (buffer overflow)787 (buffer overflow)787 (buffer overflow)
risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
urlhttps://helpx.adobe.com/security/products/bridge/apsb21-07.htmlhttps://helpx.adobe.com/security/products/bridge/apsb21-07.htmlhttps://helpx.adobe.com/security/products/bridge/apsb21-07.html
date1610578800 (14/01/2021)1610578800 (14/01/2021)1610578800 (14/01/2021)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore7.57.57.5
cvss2_vuldb_tempscore7.56.56.5
cvss3_vuldb_basescore6.36.36.3
cvss3_vuldb_tempscore6.36.06.0
cvss3_meta_basescore6.36.37.0
cvss3_meta_tempscore6.36.06.7
price_0day$5k-$25k$5k-$25k$5k-$25k
cve_assigned16082460001608246000
cve_nvd_summaryMagento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitation could lead to sensitive information disclosure.Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to an insecure direct object vulnerability (IDOR) in the customer API module. Successful exploitation could lead to sensitive information disclosure.
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiR
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acM
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cve_cnaAdobe Systems Incorporated
cvss2_nvd_basescore6.8
cvss3_nvd_basescore7.8

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!