CVE-2021-42730: Adobe Bridge Memory Corruption could lead to Arbitrary code execution
First published: Wed Mar 16 2022(Updated: )
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PSD file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Bridge | <=11.1.1 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID that affects Adobe Bridge?
The vulnerability ID that affects Adobe Bridge is CVE-2021-42730.
What is the severity of CVE-2021-42730?
The severity of CVE-2021-42730 is high with a CVSS score of 7.8.
How does CVE-2021-42730 affect Adobe Bridge?
CVE-2021-42730 affects Adobe Bridge by causing a memory corruption vulnerability due to insecure handling of a malicious PSD file.
What is the potential impact of CVE-2021-42730?
The potential impact of CVE-2021-42730 is arbitrary code execution in the context of the current user.
Is user interaction required to exploit CVE-2021-42730?
Yes, user interaction is required to exploit CVE-2021-42730.
How can I fix CVE-2021-42730 in Adobe Bridge version 11.1.1?
To fix CVE-2021-42730 in Adobe Bridge version 11.1.1, you should update to a newer version of Adobe Bridge that addresses this vulnerability.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/author
- agent/title
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/adobe
- canonical/adobe bridge
- version/adobe bridge/11.1.1
- vendor/microsoft
- canonical/microsoft windows