Описание
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.4.5-2ubuntu0.1 |
| devel | not-affected | 2.6.1-2 |
| esm-infra/bionic | released | 2.4.5-2ubuntu0.1 |
| esm-infra/focal | released | 2.5.1-1ubuntu0.1 |
| esm-infra/xenial | needed | |
| focal | released | 2.5.1-1ubuntu0.1 |
| impish | released | 2.5.2-1ubuntu0.21.10.1 |
| jammy | released | 2.5.2-1ubuntu0.22.04.1 |
| kinetic | not-affected | 2.6.1-2 |
| lunar | not-affected | 2.6.1-2 |
Показывать по
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3
Связанные уязвимости
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-af ...
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Уязвимость программного обеспечения создания метаданных, обработки и обмена набором стандартов Adobe XMP-Toolkit-SDK, связанная с ошибками переполнения буфера в динамической памяти, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3