Adobe has released security updates for its products causing Boundary Condition problem.
CVE-2021-21056 — Adobe Framemaker
Adobe has released a security update for Adobe Framemaker. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
However, this vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
But, User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
However, Successful exploitation of this vulnerability can lead to arbitrary code execution on the system with the privileges of the victim or cause the application to crash resulting in a dos condition.
Also, This update addresses a critical vulnerability as caused due to Boundary Condition problem.
| Vulnerability Rating: | CVSS v3.0 |
| Base Score: | 8.4 |
| Base Metrics: | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| Vulnerability Rating: | CVSS v2.0 |
| Base Score: | 7.2 |
| Base Metrics: | CVSS:2.0/AV:L/AC:L/AU:N/C:C/I:C/A:C |
Affected Versions
The vulnerable products include:
| Product | Version | Platform |
|---|---|---|
| Adobe Framemaker | 2019.0.8 and below | Windows |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:
| Product | Version | Platform | Priority |
| Adobe Framemaker | 2020.0.2 | Windows | 3 |
Leave A Comment