CVE-2021-43753Use After Free in Adobe Lightroom

CWE-416Use After Free3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 69.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe LightroomAdobe Lightroom Desktop
Timeline
PublishedSep 7

Description

Adobe Lightroom versions 4.4 (and earlier) are affected by a use-after-free vulnerability in the processing of parsing TIF files that could result in privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDadobe/lightroom< 5.1

🔴Vulnerability Details

2
GHSA
GHSA-8cm5-g2j6-fh65: Adobe Lightroom versions 42023-09-07
CVEList
Adobe Lightroom TIF File Parsing Use-After-Free Information Disclosure Vulnerability2023-09-07
CVE-2021-43753 — Use After Free in Adobe Lightroom | cvebase