CVE-2021-46816 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2021-46816

Analyzed

More Info Official Page

Source-psirt@adobe.com

Published At-13 Jun, 2022 | 13:15

Updated At-30 Jun, 2022 | 15:30

Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary	2.0	6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P

Type: Primary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 6.8

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:P/I:P/A:P

CPE Matches

>>macos>>-

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Microsoft Corporation

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

>>premiere_pro>>Versions before 15.4.1(exclusive)

cpe:2.3:a:adobe:premiere_pro:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-787	Primary	nvd@nist.gov
CWE-787	Secondary	psirt@adobe.com

CWE ID: CWE-787

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-787

Type: Secondary

Source: psirt@adobe.com

References

Hyperlink	Source	Resource
https://helpx.adobe.com/security/products/premiere_pro/apsb21-67.html	psirt@adobe.com	Vendor Advisory

Hyperlink: https://helpx.adobe.com/security/products/premiere_pro/apsb21-67.html

Source: psirt@adobe.com

Resource:

Vendor Advisory