First published: Wed Jul 12 2023(Updated: )
Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MOV file.
Credit: psirt@adobe.com psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Media Encoder | <15.4.3 | |
Adobe Media Encoder | =22.0 | |
Apple macOS | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-43760 is medium (5.5).
Adobe Media Encoder versions 22.0 and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
An attacker could leverage CVE-2021-43760 to bypass mitigations such as ASLR and potentially disclose sensitive memory.
Yes, exploitation of CVE-2021-43760 requires user interaction.
You can find more information about CVE-2021-43760 at the following reference: [link](https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html)