Headline
CVE-2021-36052: Adobe Security Bulletin
XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Security Updates Available for Adobe XMP Toolkit SDK | APSB21-65
Bulletin ID
Date Published
Priority
APSB21-65
August 17, 2021
3
Summary
Adobe has released updates for XMP-Toolkit-SDK. These updates resolve multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected versions
2020.1 and earlier versions
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest.
Product
Updated version
Platform
Priority rating
Availability
Adobe XMP-Toolkit-SDK
2021.07
All
3
Release Note
Vulnerability Details
Vulnerability Category
Vulnerability Impact
Severity
CVSS base score
CVSS vector
CVE Number
Out-of-bounds Read
(CWE-125)
Arbitrary file system read
Critical
7.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2021-36045
Access of Memory Location After End of Buffer
(CWE-788)
Arbitrary code execution
Critical
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-36046
CVE-2021-36052
Improper Input Validation
(CWE-20)
Arbitrary code execution
Critical
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-36047
CVE-2021-36048
Heap-based Buffer Overflow
(CWE-122)
Arbitrary code execution
Critical
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-36050
CVE-2021-36051
Stack-based Buffer Overflow
(CWE-121)
Arbitrary code execution
Critical
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-39847
Out-of-bounds Read
(CWE-125)
Application denial-of-service
Important
5
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-36053
Heap-based Buffer Overflow
(CWE-122)
Application denial-of-service
Important
6.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-36054
Heap-based Buffer Overflow
(CWE-122)
Application denial-of-service
Important
6.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
CVE-2021-36055
CVE-2021-36056
Write-what-where Condition
(CWE-123)
Arbitrary code execution
Important
4.7
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-36057
Buffer Underwrite (‘Buffer Underflow’) (CWE-124)
Arbitrary code execution
Critical
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-36064
Integer Overflow or Wraparound
(CWE-190)
Application denial-of-service
Important
6.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-36058
Acknowledgments
Adobe would like to thank the following for reporting the relevant issues and for working with Adobe to help protect our customers:
- CFF of Topsec Alpha Team (cff_123) (CVE-2021-36052, CVE-2021-36064)
- CQY of Topsec Alpha Team (yjdfy) (CVE-2021-36045, CVE-2021-36046, CVE-2021-36047, CVE-2021-36048, CVE-2021-36050, CVE-2021-36051, CVE-2021-36053, CVE-2021-36054, CVE-2021-36055, CVE-2021-36056, CVE-2021-36057, CVE-2021-36058, CVE-2021-39847)
Revision
September 1, 2021: Updated the CVSS base score and the CVSS vector for CVE-2021-36064, CVE-2021-36052.
Included details about CVE-2021-39847.
Updated acknowledgement details for yjdfy.
September 27, 2021: Updated CVSS base score for CVE-2021-36058 & CVE-2021-36054. Updated Vulnerability category for CVE-2021-36056. Updated credit for CVE-2021-36058.
For more information, visit https://helpx.adobe.com/security.html, or email [email protected].
Related news
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 5483-1 - It was discovered that Exempi incorrectly handled certain media files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause Exempi to stop responding or crash, resulting in a denial of service, or possibly execute arbitrary code.
XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.