Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2021-21094

CVE information

Published

2 years ago

Last Modified

4 months ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file..

CVSSv2.0 Score

Severity
Medium
Base Score
6.8/10
Exploit Score
8.6/10
Access Vector
Network
Access Complexity
Medium
Authentication Required
None
Impact Score
6.4/10
Confidentiality Impact
Partial
Availability Impact
Partial
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:adobe:bridge:*:*:*:*:*:*:*:*
  Yes
10.0 -
cpe:2.3:a:adobe:bridge:*:*:*:*:*:*:*:*
  Yes
11.0 -
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  No
-