Vulnerability Details CVE-2021-21006
Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted font file. Successful exploitation could lead to arbitrary code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.081
EPSS Ranking 91.8%
CVSS Severity
CVSS v3 Score 8.6
CVSS v2 Score 6.8
References
Products affected by CVE-2021-21006
-
cpe:2.3:a:adobe:photoshop:-
-
cpe:2.3:a:adobe:photoshop:10.0
-
cpe:2.3:a:adobe:photoshop:10.0.1
-
cpe:2.3:a:adobe:photoshop:11.0
-
cpe:2.3:a:adobe:photoshop:11.0.1
-
cpe:2.3:a:adobe:photoshop:11.0.2
-
cpe:2.3:a:adobe:photoshop:11.0.4
-
cpe:2.3:a:adobe:photoshop:12.0.0
-
cpe:2.3:a:adobe:photoshop:12.0.1
-
cpe:2.3:a:adobe:photoshop:12.0.2
-
cpe:2.3:a:adobe:photoshop:12.0.3
-
cpe:2.3:a:adobe:photoshop:12.0.4
-
cpe:2.3:a:adobe:photoshop:15.0
-
cpe:2.3:a:adobe:photoshop:15.2.2
-
cpe:2.3:a:adobe:photoshop:16.0
-
cpe:2.3:a:adobe:photoshop:16.1
-
cpe:2.3:a:adobe:photoshop:17.0
-
cpe:2.3:a:adobe:photoshop:17.0.1
-
cpe:2.3:a:adobe:photoshop:18.0
-
cpe:2.3:a:adobe:photoshop:18.0.1
-
cpe:2.3:a:adobe:photoshop:18.1.0
-
cpe:2.3:a:adobe:photoshop:18.1.1
-
cpe:2.3:a:adobe:photoshop:19.0.0
-
cpe:2.3:a:adobe:photoshop:2.5
-
cpe:2.3:a:adobe:photoshop:21.2
-
cpe:2.3:a:adobe:photoshop:21.2.1
-
cpe:2.3:a:adobe:photoshop:21.2.4
-
cpe:2.3:a:adobe:photoshop:21.2.5
-
cpe:2.3:a:adobe:photoshop:21.2.6
-
cpe:2.3:a:adobe:photoshop:22.0
-
cpe:2.3:a:adobe:photoshop:22.1
-
cpe:2.3:a:adobe:photoshop:3.0
-
cpe:2.3:a:adobe:photoshop:4.0
-
cpe:2.3:a:adobe:photoshop:5.0
-
cpe:2.3:a:adobe:photoshop:6.0
-
cpe:2.3:a:adobe:photoshop:6.0.1
-
cpe:2.3:a:adobe:photoshop:7.0
-
cpe:2.3:a:adobe:photoshop:7.0.1
-
cpe:2.3:a:adobe:photoshop:8.0
-
cpe:2.3:a:adobe:photoshop:9.0
-
cpe:2.3:a:adobe:photoshop:9.0.1
-
cpe:2.3:a:adobe:photoshop:9.0.2
-
cpe:2.3:o:apple:macos:-
-
cpe:2.3:o:microsoft:windows:-