CVE-2021-39820

Summary

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
AdobeInDesign0 <= 16.3.2affected

Weaknesses

  • CWE-787: Out-of-bounds Write (CWE-787)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References