Adobe Prelude até 10.1 MXF File Excesso de tampão

Campo22/11/2021 19h4825/11/2021 16h24
vendorAdobeAdobe
namePreludePrelude
version<=10.1<=10.1
componentMXF File HandlerMXF File Handler
cwe120 (Excesso de tampão)120 (Excesso de tampão)
risk22
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiRR
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss3_cna_avLL
cvss3_cna_acLL
cvss3_cna_prNN
cvss3_cna_uiRR
cvss3_cna_sUU
cvss3_cna_cHH
cvss3_cna_iHH
cvss3_cna_aHH
identifierapsb21-96apsb21-96
urlhttps://helpx.adobe.com/security/products/prelude/apsb21-96.htmlhttps://helpx.adobe.com/security/products/prelude/apsb21-96.html
nameUpgradeUpgrade
cveCVE-2021-42738CVE-2021-42738
cve_assigned16345944001634594400
cve_cnaAdobe Systems IncorporatedAdobe Systems Incorporated
date1637535600 (22/11/2021)1637535600 (22/11/2021)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss3_cna_basescore7.87.8
cvss2_vuldb_basescore7.57.5
cvss2_vuldb_tempscore6.56.5
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.06.0
cvss3_meta_basescore7.07.0
cvss3_meta_tempscore6.96.9
price_0day$5k-$25k$5k-$25k
cve_nvd_summaryAdobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

Interested in the pricing of exploits?

See the underground prices here!