Your submission was sent successfully! Close

CVE-2021-36064

Published: 1 September 2021

XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Notes

AuthorNote
mdeslaur
fixed in adobe's 2021.07 code drop
Priority

Medium

CVSS 3 base score: 7.8

Status

Package Release Status
exempi
Launchpad, Ubuntu, Debian
bionic
Released (2.4.5-2ubuntu0.1)
focal
Released (2.5.1-1ubuntu0.1)
impish
Released (2.5.2-1ubuntu0.21.10.1)
jammy
Released (2.5.2-1ubuntu0.22.04.1)
upstream
Released (2.6.0-1)
xenial Needs triage

Patches:
upstream: https://cgit.freedesktop.org/exempi/commit/?h=adobe-sdk&id=6a002707a50fc7b10001b5d627fd2528ca64ce5f