WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Adobe InDesign versions 16.4 (and earlier) are affected...
High severity
Unreviewed
Published
Nov 17, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Learn more on MITRE.
CVE ID
CVE-2021-42731
GHSA ID
GHSA-wqw8-8r4w-rccx
Source code
No known source code
Dependabot alerts are not supported on this advisory because it does not have a package from a supported ecosystem with an affected and fixed version.
Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References