VYPR

XMP Toolkit SDK

by Adobe Inc.

CVEs (6)

  • CVE-2021-42532HigMay 2, 2022
    risk 0.51cvss 7.8epss 0.04

    XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

  • CVE-2021-42531HigMay 2, 2022
    risk 0.51cvss 7.8epss 0.04

    XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

  • CVE-2021-42530HigMay 2, 2022
    risk 0.51cvss 7.8epss 0.04

    XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

  • CVE-2021-42529HigMay 2, 2022
    risk 0.51cvss 7.8epss 0.04

    XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

  • CVE-2021-39847HigSep 1, 2021
    risk 0.51cvss 7.8epss 0.05

    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

  • CVE-2021-40716MedSep 29, 2021
    risk 0.36cvss 5.5epss 0.02

    XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user…