CVE-2021-40755

Name of the Vulnerable Software and Affected Versions Adobe After Effects versions 18.4.1 and earlier

Description The issue is related to a memory corruption vulnerability due to insecure handling of a malicious SGI file in the DoReadContinue function, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. It is also described as a buffer overflow vulnerability in memory, which could allow an attacker to execute arbitrary code on the target system.

Recommendations For Adobe After Effects versions 18.4.1 and earlier, consider disabling the DoReadContinue function as a temporary workaround until a patch is available. Restrict the handling of SGI files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.