CVE-2021-28575

Name of the Vulnerable Software and Affected Versions Adobe Animate versions 21.0.5 and earlier

Description The issue is related to an out-of-bounds read vulnerability in memory when parsing a specially crafted file, potentially allowing a remote attacker to gain unauthorized access to protected information in the context of the current user. This can be achieved by exploiting the vulnerability through a specially crafted PDF file. Exploitation requires user interaction, where a victim must open a malicious file, allowing an unauthenticated attacker to disclose sensitive information.

Recommendations For Adobe Animate versions 21.0.5 and earlier, update to a version that fixes the out-of-bounds read vulnerability to prevent exploitation. As a temporary workaround, consider avoiding the use of specially crafted files that could trigger the vulnerability until a patch is available. Restrict access to potentially malicious files to minimize the risk of exploitation.