CVE-2021-21067 – Adobe Photoshop CoolType arbitrary stack manipulation in Type 1/Multiple Master

https://notcve.org/view.php?id=CVE-2021-21067

Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Photoshop versiones 21.2.5 (y anteriores) y 22.2 (y anteriores), están afectadas por una vulnerabilidad de Escritura Fuera de Límites en la biblioteca CoolType. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitraria en el contexto del usuario actual. • https://helpx.adobe.com/security/products/photoshop/apsb21-17.html • CWE-787: Out-of-bounds Write •