CVE Vulnerability

CVE-2021-36057

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of the current user.

2.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

Scope

3.3 /10

CVSS v3.0 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://helpx.adobe.com/security/products/xmpcore/apsb21-65.html Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:adobe:xmp_toolkit_software_development_kit:*:*:*:*:*:*:*:*
Information

Published : 2021-09-01 03:15

Updated : 2021-10-27 01:47

NVD link : CVE-2021-36057

Mitre link : CVE-2021-36057

Products Affected
No products.
CWE
CWE-123