VYPR
Unrated severityNVD Advisory· Published Jun 15, 2022· Updated Apr 23, 2025

Adobe InDesign Memory Corruption Vulnerability Could Lead to Arbitrary Code Execution

CVE-2021-39820

Description

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

Affected products

2
  • Adobe Inc./Indesignllm-fuzzy2 versions
    <=16.3, <=16.3.1+ 1 more
    • (no CPE)range: <=16.3, <=16.3.1
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.