CVE-2021-39826

Summary

Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file.

Affected Software

VendorProductVersion RangeStatus
AdobeDigital Editionsunspecified <= 4.5.11.187646affected
AdobeDigital Editionsunspecified <= Noneaffected

Weaknesses

  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

ADP Enrichment

CVE Program Container

Additional References

References