CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-39819 – Adobe InCopy Memory Corruption Vulnerability Could Lead to Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-39819
27 Sep 2021 — Adobe InCopy version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious XML file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. Adobe InCopy versiones 11.1 (y anteriores), está afectada por una vulnerabilidad de corrupción de memoria debido al manejo no seguro de un archivo XML malicioso, resultando potencialmente en una ejecución de código arbitrario e... • https://helpx.adobe.com/security/products/incopy/apsb21-71.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-788: Access of Memory Location After End of Buffer •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21090 – Adobe InCopy DOCX file parsing directory traversal vulnerability could lead to remote code execution
https://notcve.org/view.php?id=CVE-2021-21090
13 May 2021 — Adobe InCopy version 16.0 (and earlier) is affected by an path traversal vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe InCopy versiones 16.0 (y anteriores), está afectada por una vulnerabilidad de salto de ruta cuando se analiza un archivo diseñado. Un atacante no autenticado pod... • https://helpx.adobe.com/security/products/incopy/apsb21-25.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21010 – Uncontrolled search path element in Adobe InCopy
https://notcve.org/view.php?id=CVE-2021-21010
13 Jan 2021 — InCopy version 15.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. InCopy versiones 15.1.1 (y anteriores) para Windows está afectado por una vulnerabilidad de ruta de búsqueda no controlada que podría resultar en una ejecución de código arbitraria en el contexto del usuario actual. La exp... • https://helpx.adobe.com/security/products/incopy/apsb21-05.html • CWE-427: Uncontrolled Search Path Element •