CVE-2021-36077
01.09.2021, 15:15
Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit this vulnerability.Enginsight
| Vendor | Product | Version |
|---|---|---|
| adobe | bridge | 𝑥 ≤ 11.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-788 - Access of Memory Location After End of BufferThe software reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory BufferThe software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.