CVE-2021-21074: Adobe Animate out-of-bounds read vulnerability
First published: Tue Mar 09 2021(Updated: )
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Animate | <=21.0.3 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Adobe Animate vulnerability?
The vulnerability ID for this Adobe Animate vulnerability is CVE-2021-21074.
What is the severity of CVE-2021-21074?
The severity of CVE-2021-21074 is high with a CVSS score of 7.1.
How does CVE-2021-21074 affect Adobe Animate?
CVE-2021-21074 affects Adobe Animate versions 21.0.3 and earlier.
What is the impact of CVE-2021-21074?
The impact of CVE-2021-21074 is that an unauthenticated attacker could exploit the vulnerability to disclose sensitive information in the context of the current user.
Is there a fix available for CVE-2021-21074?
Yes, Adobe has released a security update to address the CVE-2021-21074 vulnerability. It is recommended to update to the latest version of Adobe Animate.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/weakness
- agent/severity
- agent/author
- agent/title
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/adobe
- canonical/adobe animate
- version/adobe animate/21.0.3
- vendor/microsoft
- canonical/microsoft windows