PT-2021-7029 · Adobe · Animate

Published

2021-02-09

Updated

2021-02-17

CVE-2021-21052

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Animate versions 21.0.2 and earlier

Description The issue is caused by an Out-of-bounds Write vulnerability, which can be leveraged by an unauthenticated attacker to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file. This can allow a remote attacker to execute arbitrary code using a specially crafted file.

Recommendations For Adobe Animate versions 21.0.2 and earlier, update to a version that is not affected by this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2022-02997

CVE-2021-21052

Affected Products

Animate

PT-2021-7029 · Adobe · Animate

CVE-2021-21052

Weakness Enumeration

Related Identifiers

Affected Products

References · 6