CVE-2021-36046 in Adobe and Debian Products
Published on September 1, 2021
XMP Toolkit SDK TIFF_MemoryReader::SortIFD function Memory Corruption
Weakness Type
Access of Memory Location After End of Buffer
The software reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer. This typically occurs when a pointer or its index is decremented to a position before the buffer; when pointer arithmetic results in a position before the buffer; or when a negative index is used, which generates a position before the buffer.
Products Associated with CVE-2021-36046
stack.watch emails you whenever new vulnerabilities are published in Adobe Xmp Toolkit Software Development Kit or Debian Linux. Just hit a watch button to start following.
Affected Versions
Adobe XMP Toolkit:- Version unspecified, <= 2020.1 is affected.
- Version unspecified, <= None is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.