Описание
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.4.5-2ubuntu0.1 |
| devel | not-affected | 2.6.1-2 |
| esm-infra/bionic | released | 2.4.5-2ubuntu0.1 |
| esm-infra/focal | released | 2.5.1-1ubuntu0.1 |
| esm-infra/xenial | needed | |
| focal | released | 2.5.1-1ubuntu0.1 |
| impish | released | 2.5.2-1ubuntu0.21.10.1 |
| jammy | released | 2.5.2-1ubuntu0.22.04.1 |
| kinetic | not-affected | 2.6.1-2 |
| lunar | not-affected | 2.6.1-2 |
Показывать по
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3
Связанные уязвимости
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Imprope ...
XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
Уязвимость программного обеспечения создания метаданных, обработки и обмена набором стандартов Adobe XMP-Toolkit-SDK, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю выполнить произвольный код
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3