CVE-2021-42731 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2021-42731

Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: Nov 16, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-42731
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-120

Affected Software
References

Software	From	Fixed in
adobe / indesign	-	16.4.x

https://helpx.adobe.com/security/products/indesign/apsb21-107.html