First published: Mon May 02 2022(Updated: )
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe XMP Toolkit | <=2021.07 | |
Debian Linux | =10.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-42532 has been rated as a critical vulnerability due to its potential for arbitrary code execution.
To fix CVE-2021-42532, update to the latest version of Adobe XMP Toolkit SDK that addresses the vulnerability.
CVE-2021-42532 affects Adobe XMP Toolkit SDK versions up to 2021.07 and Debian Linux version 10.0.
Yes, exploitation of CVE-2021-42532 requires user interaction to open a specially crafted file.
CVE-2021-42532 is classified as a stack-based buffer overflow vulnerability.