Page 5 of 23 results (0.005 seconds)

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-36047 – XMP Toolkit SDK Improper Input Validation Could Lead To Arbitrary Code Execution

https://notcve.org/view.php?id=CVE-2021-36047

XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file. XMP Toolkit SDK versiones 2020.1 (y anteriores), está afectado por una vulnerabilidad de comprobación Inapropiada de Entrada, resultando potencialmente en una ejecución de código arbitrario en el contexto del usuario actual. Una explotación requiere la interacción del usuario, ya que la víctima debe abrir un archivo diseñado • https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-36045 – XMP Toolkit SDK Out-of-bounds Read Vulnerability In PostScriptSupport::ConvertToDate Could Lead To Information Exposure

https://notcve.org/view.php?id=CVE-2021-36045

XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. XMP Toolkit SDK versiones 2020.1 (y anteriores), están afectadas por una vulnerabilidad de lectura fuera de límites que podría conllevar a una divulgación de memoria arbitraria. Un atacante podría aprovechar esta vulnerabilidad para omitir mitigaciones como ASLR. • https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html • CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-36046 – XMP Toolkit SDK TIFF_MemoryReader::SortIFD function Memory Corruption

https://notcve.org/view.php?id=CVE-2021-36046

XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. XMP Toolkit versiones 2020.1 (y anteriores), está afectada por una vulnerabilidad de corrupción de memoria, resultando potencialmente en una ejecución de código arbitrario en el contexto del usuario actual. Es requerida una interacción del usuario para explotar esta vulnerabilidad • https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html • CWE-787: Out-of-bounds Write CWE-788: Access of Memory Location After End of Buffer •