Vulnerability CVE-2021-39827

Vulnerability CVE-2021-39827

Published: 2021-09-27

Description:

Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability.

Type:

CWE-379

(Creation of Temporary File in Directory with Incorrect Permissions)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Exploit range	Attack complexity	Authentication
Remote	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

References:

https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html

Copyright 2024, cxsecurity.com