Rewterz Threat Alert – Apache Log4j Complete Guide – Update B
December 17, 2021Rewterz Threat Advisory – ICS: Schneider Electric Rack PDU Vulnerability
December 17, 2021Severity
High
Analysis Summary
CVE-2021-43027: CVE-2021-44195: CVE-2021-44194: CVE-2021-44193: CVE-2021-44192: CVE-2021-44191: CVE-2021-44190: CVE-2021-44189:
Adobe After Effects could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2021-44188
Adobe After Effects could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2021-43755
Adobe After Effects could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2021-43753
Adobe Lightroom could allow a remote attacker to gain elevated privileges on the system, caused by a use-after-free flaw. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
- Information Disclosure
- Code Execution
- Privilege Escalation
Affected Vendors
Adobe
Affected Products
- Adobe After Effects 22.0
- Adobe After Effects 18.4.2
- Adobe Lightroom 4.4
Remediation
Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.
Adobe After Effects:
Adobe Lightroom: