CVE-2021-42733: Null Pointer Dereference
First published: Mon Nov 22 2021(Updated: )
Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Bridge | <11.1.2 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-42733?
CVE-2021-42733 is a null pointer dereference vulnerability in Adobe Bridge version 11.1.1 (and earlier) that can lead to a denial-of-service attack.
How does CVE-2021-42733 affect Adobe Bridge?
CVE-2021-42733 affects Adobe Bridge version 11.1.1 (and earlier) by causing a null pointer dereference vulnerability when parsing a specially crafted file, which can be exploited by an unauthenticated attacker to achieve a denial-of-service attack.
What is the severity of CVE-2021-42733?
The severity of CVE-2021-42733 is rated as medium with a severity value of 5.5.
How can CVE-2021-42733 be fixed?
To fix CVE-2021-42733, it is recommended to update Adobe Bridge to version 11.1.2 or later, as specified in the Adobe security bulletin APSB21-94.
Is Microsoft Windows affected by CVE-2021-42733?
No, Microsoft Windows is not vulnerable to CVE-2021-42733.