CVE-2021-42272

Name of the Vulnerable Software and Affected Versions Adobe Animate versions 21.0.9 and earlier

Description The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious GIF file. This allows an attacker to potentially execute code in the context of the current user.

Recommendations For Adobe Animate versions 21.0.9 and earlier, consider avoiding the use of GIF files from untrusted sources until a patch is available. As a temporary workaround, restrict the ability to open malicious GIF files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.