CVE-2021-40777 – Adobe Media Encoder WAV file memory corruption vulnerability could lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-40777
Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. Adobe Media Encoder versión 15.4.1 (y anteriores), está afectado por una vulnerabilidad de corrupción de memoria debida a un manejo no seguro de un archivo malicioso, resultando potencialmente en una ejecución de código arbitrario en el contexto del usuario actual. Es requerida una interacción del usuario para explotar esta vulnerabilidad • https://helpx.adobe.com/security/products/media-encoder/apsb21-99.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-788: Access of Memory Location After End of Buffer •
CVE-2021-40778 – Adobe Media Encoder Null Pointer Dereference Application denial-of-service
https://notcve.org/view.php?id=CVE-2021-40778
Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Media Encoder versión 15.4.1 (y anteriores), está afectado por una vulnerabilidad de desreferencia de puntero Null cuando es analizado un archivo especialmente diseñado. Un atacante no autenticado podría aprovechar esta vulnerabilidad para conseguir una denegación de servicio de la aplicación en el contexto del usuario actual. • https://helpx.adobe.com/security/products/media-encoder/apsb21-99.html • CWE-476: NULL Pointer Dereference •
CVE-2021-43757 – Adobe Media Encoder 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-43757
Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious 3GP ​file This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3GP files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. • https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html • CWE-125: Out-of-bounds Read •
CVE-2021-43760 – Adobe Media Encoder MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-43760
Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MOV file. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MOV files. • https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html • CWE-125: Out-of-bounds Read •
CVE-2021-43758 – Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-43758
Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MP4 file. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. • https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html • CWE-125: Out-of-bounds Read •