Bulletin ID
Security Updates Available for Adobe Bridge | APSB21-53
Bulletin ID |
Date Published |
Priority |
---|---|---|
APSB21-53 |
July 13, 2021 |
3 |
Product |
Version |
Platform |
---|---|---|
Adobe Bridge |
11.0.2 and earlier versions |
Windows |
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app's update mechanism. For more information, please reference this help page.
Product |
Version |
Platform |
Priority |
Availability |
---|---|---|---|---|
Adobe Bridge |
11.1 |
Windows and macOS |
3 |
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
---|---|---|---|---|---|
Heap-based Buffer Overflow (CWE-122) |
Arbitrary code execution |
Critical |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-28624 |
Out-of-bounds Read (CWE-125) |
Arbitrary file system read |
Moderate |
3.3 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
CVE-2021-35992 |
Improper Input Validation (CWE-20) |
Arbitrary code execution |
Critical |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-35991 |
Out-of-bounds Write (CWE-787) |
Arbitrary code execution |
Critical |
7.8 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
CVE-2021-35989 CVE-2021-35990 |
Adobe would like to thank the following researchers for reporting these issues and for working with Adobe to help protect our customers:
August 20, 2021: Added N-1 version details under the solution section.
For more information, visit https://helpx.adobe.com/security.html , or email PSIRT@adobe.com
Sign in to your account