CVE-2021-39821

Summary

Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file.

Affected Software

VendorProductVersion RangeStatus
AdobeInDesignunspecified <= 16.3affected
AdobeInDesignunspecified <= 16.3.2affected
AdobeInDesignunspecified <= Noneaffected

Weaknesses

  • CWE-125: Out-of-bounds Read (CWE-125)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References