PT-2021-4778 · Adobe · Bridge+1

Published 2021-10-26 · Updated 2022-06-03 · CVE-2021-42733

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Adobe Bridge version 11.1.1 and earlier
Adobe Prelude versions 10.1 and earlier

Description

The issue is related to improper input validation and a NULL pointer dereference vulnerability when parsing specially crafted files. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service or execute arbitrary code in the context of the current user. Exploitation requires user interaction, where a victim must open a malicious file.

Recommendations

For Adobe Bridge version 11.1.1 and earlier, update to a version that addresses the NULL pointer dereference vulnerability. For Adobe Prelude versions 10.1 and earlier, update to a version that addresses the improper input validation vulnerability in the XDCAMSAM directory. As a temporary workaround, consider restricting the opening of files from untrusted sources to minimize the risk of exploitation.

Fix

NULL Pointer Dereference

RCE

Weakness Enumeration

Related Identifiers

BDU:2021-05497
CVE-2021-42733

Affected Products

Bridge
Prelude