CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Adobe » Animate » * * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:adobe:animate:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-42271 787 Exec Code 2021-11-18 2021-11-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file.
2 CVE-2021-42270 787 Exec Code 2021-11-18 2021-11-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file.
3 CVE-2021-42269 416 Exec Code 2021-11-18 2021-11-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 21.0.9 (and earlier) are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
4 CVE-2021-42268 476 2021-11-18 2021-11-18
4.3
None Remote Medium Not required None None Partial
Adobe Animate version 21.0.9 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5 CVE-2021-42267 119 Exec Code Overflow Mem. Corr. 2021-11-18 2021-11-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
6 CVE-2021-42266 119 Exec Code Overflow Mem. Corr. 2021-11-18 2022-04-25
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
7 CVE-2021-21073 125 2021-03-12 2021-03-16
5.8
None Remote Medium Not required Partial None Partial
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
8 CVE-2016-7866 119 Exec Code Overflow Mem. Corr. 2016-12-15 2018-10-09
10.0
None Remote Low Not required Complete Complete Complete
Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
Total number of vulnerabilities : 8   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.