CVE-2021-42734: Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
First published: Thu Sep 07 2023(Updated: )
Adobe Photoshop version 22.5.1 and earlier versions are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Photoshop | <=22.5.1 | |
| Apple macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-42734.
What is the severity level of CVE-2021-42734?
The severity level of CVE-2021-42734 is medium.
Which software versions are affected by CVE-2021-42734?
Adobe Photoshop version 22.5.1 and earlier versions are affected by CVE-2021-42734.
What is the risk associated with CVE-2021-42734?
CVE-2021-42734 can lead to disclosure of sensitive memory and bypassing of mitigations such as ASLR.
Is user interaction required to exploit CVE-2021-42734?
Yes, user interaction is required to exploit CVE-2021-42734.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/title
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/adobe
- canonical/adobe photoshop
- version/adobe photoshop/22.5.1
- vendor/apple
- canonical/apple macos
- vendor/microsoft
- canonical/microsoft windows