CVE-2021-35992: Adobe Bridge PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
First published: Tue Jul 13 2021(Updated: )
Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Bridge CC | <=11.0.2 | |
| Microsoft Windows Operating System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-35992?
CVE-2021-35992 has a moderate severity rating due to the potential for an attacker to disclose sensitive information.
How do I fix CVE-2021-35992?
To fix CVE-2021-35992, users should update Adobe Bridge to version 11.0.3 or later.
Who is affected by CVE-2021-35992?
CVE-2021-35992 affects users of Adobe Bridge version 11.0.2 and earlier.
What type of vulnerability is CVE-2021-35992?
CVE-2021-35992 is classified as an Out-of-bounds Read vulnerability.
What could an attacker achieve by exploiting CVE-2021-35992?
An attacker exploiting CVE-2021-35992 could potentially disclose sensitive memory information of the affected user.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe bridge cc
- version/adobe bridge cc/11.0.2
- vendor/microsoft
- canonical/microsoft windows operating system