1.5.8

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

adobe

CWE-787

NVD

Published: 2021-12-20

Updated: 2024-11-21

Summary

Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Premiere Rush 1.5.8 Adobe Premiere Rush 1.5.12 Adobe Premiere Rush 1.5.16	3
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://helpx.adobe.com/security/products/premiere_rush/apsb21-101.html
https://helpx.adobe.com/security/products/premiere_rush/apsb21-101.html