Search

Find a vulnerability

Search criteria

    142 vulnerabilities found for digital_editions by adobe

    CVE-2023-21582 (GCVE-0-2023-21582)

    Vulnerability from nvd – Published: 2023-04-12 00:00 – Updated: 2025-03-05 19:10
    VLAI
    Title
    ZDI-CAN-18255: Adobe Digital Editions PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187303 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2023-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:44:01.367Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb23-04.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-21582",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-05T18:40:46.720658Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-05T19:10:27.839Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187303",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2023-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-12T00:00:00.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb23-04.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "ZDI-CAN-18255: Adobe Digital Editions PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2023-21582",
        "datePublished": "2023-04-12T00:00:00.000Z",
        "dateReserved": "2022-12-01T00:00:00.000Z",
        "dateUpdated": "2025-03-05T19:10:27.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-39828 (GCVE-0-2021-39828)

    Vulnerability from nvd – Published: 2021-09-27 15:43 – Updated: 2025-04-23 19:27
    VLAI
    Title
    Adobe Digital Editions Installer flaw leads to Local Privilege Escalation
    Summary
    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187646 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:20:33.291Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-39828",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:16:38.081984Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T19:27:15.236Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187646",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-27T15:43:26.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Installer flaw leads to Local Privilege Escalation",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
              "ID": "CVE-2021-39828",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Installer flaw leads to Local Privilege Escalation"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187646"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "availabilityImpact": "None",
                "baseScore": 5.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "userInteraction": "Required",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-39828",
        "datePublished": "2021-09-27T15:43:26.854Z",
        "dateReserved": "2021-08-23T00:00:00.000Z",
        "dateUpdated": "2025-04-23T19:27:15.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-39827 (GCVE-0-2021-39827)

    Vulnerability from nvd – Published: 2021-09-27 15:42 – Updated: 2024-09-17 02:47
    VLAI
    Title
    Adobe Digital Editions Installer flaw leads to Arbitrary File System Write
    Summary
    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability.
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187646 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:20:33.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187646",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-27T15:42:59.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Installer flaw leads to Arbitrary File System Write",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
              "ID": "CVE-2021-39827",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Installer flaw leads to Arbitrary File System Write"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187646"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "availabilityImpact": "High",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "userInteraction": "Required",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-39827",
        "datePublished": "2021-09-27T15:42:59.801Z",
        "dateReserved": "2021-08-23T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:47:12.086Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-39826 (GCVE-0-2021-39826)

    Vulnerability from nvd – Published: 2021-09-27 15:42 – Updated: 2024-09-17 01:16
    VLAI
    Title
    Adobe Digital Editions Command Execution Vulnerability
    Summary
    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file.
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187646 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:20:33.322Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187646",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-27T15:42:17.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Command Execution Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
              "ID": "CVE-2021-39826",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Command Execution Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187646"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "availabilityImpact": "High",
                "baseScore": 8.6,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Changed",
                "userInteraction": "Required",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-39826",
        "datePublished": "2021-09-27T15:42:17.137Z",
        "dateReserved": "2021-08-23T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:16:02.309Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-21100 (GCVE-0-2021-21100)

    Vulnerability from nvd – Published: 2021-04-15 13:51 – Updated: 2025-04-23 19:42
    VLAI
    Title
    Adobe Digital Editions Arbitrary file system write vulnerability
    Summary
    Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187245 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-04-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:01:13.275Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-21100",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:19:24.332536Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T19:42:18.061Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187245",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-15T13:51:28.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Arbitrary file system write vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-04-13T23:00:00.000Z",
              "ID": "CVE-2021-21100",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Arbitrary file system write vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187245"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "None",
                "attackVector": "None",
                "availabilityImpact": "None",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "None",
                "userInteraction": "None",
                "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-21100",
        "datePublished": "2021-04-15T13:51:28.016Z",
        "dateReserved": "2020-12-18T00:00:00.000Z",
        "dateUpdated": "2025-04-23T19:42:18.061Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3798 (GCVE-0-2020-3798)

    Vulnerability from nvd – Published: 2020-06-26 20:09 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • File enumeration (host or local network)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.11.187212 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.894Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.11.187212 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "File enumeration (host or local network)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:09:33.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-3798",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.11.187212 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "File enumeration (host or local network)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-3798",
        "datePublished": "2020-06-26T20:09:33.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3760 (GCVE-0-2020-3760)

    Vulnerability from nvd – Published: 2020-02-13 15:55 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.10 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.10 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T15:55:04.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-3760",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.10 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-3760",
        "datePublished": "2020-02-13T15:55:04.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3759 (GCVE-0-2020-3759)

    Vulnerability from nvd – Published: 2020-02-13 15:55 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Buffer Errors
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.10 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.375Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.10 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Errors",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T15:55:10.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-3759",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.10 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Errors"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-3759",
        "datePublished": "2020-02-13T15:55:10.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.375Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-7095 (GCVE-0-2019-7095)

    Vulnerability from nvd – Published: 2019-05-24 18:48 – Updated: 2024-08-04 20:38
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Heap Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.10.185749 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:38:33.231Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.10.185749 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-24T18:48:11.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2019-7095",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.10.185749 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Heap Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2019-7095",
        "datePublished": "2019-05-24T18:48:11.000Z",
        "dateReserved": "2019-01-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:38:33.231Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12817 (GCVE-0-2018-12817)

    Vulnerability from nvd – Published: 2019-01-18 17:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.470Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html"
              },
              {
                "name": "106472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106472"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html"
            },
            {
              "name": "106472",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106472"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12817",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html"
                },
                {
                  "name": "106472",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106472"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12817",
        "datePublished": "2019-01-18T17:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.470Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12823 (GCVE-0-2018-12823)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Heap overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.191Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T17:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12823",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Heap overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12823",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.191Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12822 (GCVE-0-2018-12822)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Use after free
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:01.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105533",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105533"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use after free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105533",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105533"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12822",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use after free"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105533",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105533"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12822",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:01.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12821 (GCVE-0-2018-12821)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Out of bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.263Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105532",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105532"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out of bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105532",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105532"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12821",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out of bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105532",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105532"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12821",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.263Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12820 (GCVE-0-2018-12820)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Out of bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.163Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105532",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105532"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out of bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105532",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105532"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12820",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out of bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105532",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105532"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12820",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.163Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12819 (GCVE-0-2018-12819)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Out of bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.097Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105532",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105532"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out of bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105532",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105532"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12819",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out of bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105532",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105532"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12819",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.097Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12818 (GCVE-0-2018-12818)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Out of bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:01.481Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105532",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105532"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out of bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105532",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105532"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12818",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out of bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105532",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105532"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12818",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:01.481Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12816 (GCVE-0-2018-12816)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Out of bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.023Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105532",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105532"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Out of bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105532",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105532"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12816",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Out of bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105532",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105532"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12816",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.023Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12814 (GCVE-0-2018-12814)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Heap overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.338Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105536",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105536"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105536",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105536"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12814",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Heap overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105536",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105536"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12814",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.338Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12813 (GCVE-0-2018-12813)

    Vulnerability from nvd – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Heap overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.127Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105536",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105536"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105536",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105536"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12813",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Heap overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105536",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105536"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12813",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.127Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-21582 (GCVE-0-2023-21582)

    Vulnerability from cvelistv5 – Published: 2023-04-12 00:00 – Updated: 2025-03-05 19:10
    VLAI
    Title
    ZDI-CAN-18255: Adobe Digital Editions PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
    Summary
    Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-787 - Out-of-bounds Write (CWE-787)
    Assigner
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187303 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2023-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:44:01.367Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb23-04.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-21582",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-05T18:40:46.720658Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-05T19:10:27.839Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187303",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2023-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions version 4.5.11.187303 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "Out-of-bounds Write (CWE-787)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-12T00:00:00.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb23-04.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "ZDI-CAN-18255: Adobe Digital Editions PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2023-21582",
        "datePublished": "2023-04-12T00:00:00.000Z",
        "dateReserved": "2022-12-01T00:00:00.000Z",
        "dateUpdated": "2025-03-05T19:10:27.839Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-39828 (GCVE-0-2021-39828)

    Vulnerability from cvelistv5 – Published: 2021-09-27 15:43 – Updated: 2025-04-23 19:27
    VLAI
    Title
    Adobe Digital Editions Installer flaw leads to Local Privilege Escalation
    Summary
    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187646 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:20:33.291Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-39828",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:16:38.081984Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T19:27:15.236Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187646",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-27T15:43:26.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Installer flaw leads to Local Privilege Escalation",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
              "ID": "CVE-2021-39828",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Installer flaw leads to Local Privilege Escalation"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187646"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a privilege escalation vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to escalate privileges. User interaction is required before product installation to abuse this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "availabilityImpact": "None",
                "baseScore": 5.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "userInteraction": "Required",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-39828",
        "datePublished": "2021-09-27T15:43:26.854Z",
        "dateReserved": "2021-08-23T00:00:00.000Z",
        "dateUpdated": "2025-04-23T19:27:15.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-39827 (GCVE-0-2021-39827)

    Vulnerability from cvelistv5 – Published: 2021-09-27 15:42 – Updated: 2024-09-17 02:47
    VLAI
    Title
    Adobe Digital Editions Installer flaw leads to Arbitrary File System Write
    Summary
    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability.
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187646 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:20:33.373Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187646",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-27T15:42:59.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Installer flaw leads to Arbitrary File System Write",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
              "ID": "CVE-2021-39827",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Installer flaw leads to Arbitrary File System Write"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187646"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary file write vulnerability in the Digital Editions installer. An authenticated attacker could leverage this vulnerability to write an arbitrary file to the system. User interaction is required before product installation to abuse this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "availabilityImpact": "High",
                "baseScore": 6.5,
                "baseSeverity": "Medium",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "userInteraction": "Required",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-39827",
        "datePublished": "2021-09-27T15:42:59.801Z",
        "dateReserved": "2021-08-23T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:47:12.086Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-39826 (GCVE-0-2021-39826)

    Vulnerability from cvelistv5 – Published: 2021-09-27 15:42 – Updated: 2024-09-17 01:16
    VLAI
    Title
    Adobe Digital Editions Command Execution Vulnerability
    Summary
    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file.
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187646 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T02:20:33.322Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187646",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-09-27T15:42:17.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Command Execution Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-09-14T23:00:00.000Z",
              "ID": "CVE-2021-39826",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Command Execution Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187646"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerability in that a user must open a maliciously crafted .epub file."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "availabilityImpact": "High",
                "baseScore": 8.6,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Changed",
                "userInteraction": "Required",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) (CWE-78)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-80.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-39826",
        "datePublished": "2021-09-27T15:42:17.137Z",
        "dateReserved": "2021-08-23T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:16:02.309Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-21100 (GCVE-0-2021-21100)

    Vulnerability from cvelistv5 – Published: 2021-04-15 13:51 – Updated: 2025-04-23 19:42
    VLAI
    Title
    Adobe Digital Editions Arbitrary file system write vulnerability
    Summary
    Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-379 - Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Digital Editions Affected: unspecified , ≤ 4.5.11.187245 (custom)
    Affected: unspecified , ≤ None (custom)
    Create a notification for this product.
    Date Public
    2021-04-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T18:01:13.275Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-21100",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:19:24.332536Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T19:42:18.061Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "lessThanOrEqual": "4.5.11.187245",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "None",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2021-04-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-379",
                  "description": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-04-15T13:51:28.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Adobe Digital Editions Arbitrary file system write vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "DATE_PUBLIC": "2021-04-13T23:00:00.000Z",
              "ID": "CVE-2021-21100",
              "STATE": "PUBLIC",
              "TITLE": "Adobe Digital Editions Arbitrary file system write vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_value": "4.5.11.187245"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              },
                              {
                                "version_affected": "\u003c=",
                                "version_value": "None"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "None",
                "attackVector": "None",
                "availabilityImpact": "None",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "None",
                "userInteraction": "None",
                "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html",
                  "refsource": "MISC",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb21-26.html"
                }
              ]
            },
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2021-21100",
        "datePublished": "2021-04-15T13:51:28.016Z",
        "dateReserved": "2020-12-18T00:00:00.000Z",
        "dateUpdated": "2025-04-23T19:42:18.061Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3798 (GCVE-0-2020-3798)

    Vulnerability from cvelistv5 – Published: 2020-06-26 20:09 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • File enumeration (host or local network)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.11.187212 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.894Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.11.187212 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "File enumeration (host or local network)",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-26T20:09:33.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-3798",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.11.187212 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "File enumeration (host or local network)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-23.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-3798",
        "datePublished": "2020-06-26T20:09:33.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.894Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3759 (GCVE-0-2020-3759)

    Vulnerability from cvelistv5 – Published: 2020-02-13 15:55 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • Buffer Errors
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.10 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.375Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.10 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Buffer Errors",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T15:55:10.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-3759",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.10 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Buffer Errors"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-3759",
        "datePublished": "2020-02-13T15:55:10.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.375Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3760 (GCVE-0-2020-3760)

    Vulnerability from cvelistv5 – Published: 2020-02-13 15:55 – Updated: 2024-08-04 07:44
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Command Injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.10 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:44:50.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.10 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-13T15:55:04.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2020-3760",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.10 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2020-3760",
        "datePublished": "2020-02-13T15:55:04.000Z",
        "dateReserved": "2019-12-17T00:00:00.000Z",
        "dateUpdated": "2024-08-04T07:44:50.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-7095 (GCVE-0-2019-7095)

    Vulnerability from cvelistv5 – Published: 2019-05-24 18:48 – Updated: 2024-08-04 20:38
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Heap Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.10.185749 and below versions
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:38:33.231Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.10.185749 and below versions"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Heap Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-05-24T18:48:11.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2019-7095",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.10.185749 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Heap Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-16.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2019-7095",
        "datePublished": "2019-05-24T18:48:11.000Z",
        "dateReserved": "2019-01-28T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:38:33.231Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12817 (GCVE-0-2018-12817)

    Vulnerability from cvelistv5 – Published: 2019-01-18 17:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2019-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:02.470Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html"
              },
              {
                "name": "106472",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106472"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2019-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-01-19T10:57:02.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html"
            },
            {
              "name": "106472",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106472"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12817",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.9 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb19-04.html"
                },
                {
                  "name": "106472",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106472"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12817",
        "datePublished": "2019-01-18T17:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:02.470Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-12822 (GCVE-0-2018-12822)

    Vulnerability from cvelistv5 – Published: 2018-10-17 18:00 – Updated: 2024-08-05 08:45
    VLAI
    Summary
    Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
    Severity
    No CVSS data available.
    CWE
    • Use after free
    Assigner
    References
    Impacted products
    Vendor Product Version
    Adobe Adobe Digital Editions Affected: 4.5.8 and below versions
    Create a notification for this product.
    Date Public
    2018-10-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T08:45:01.967Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
              },
              {
                "name": "105533",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105533"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Adobe Digital Editions",
              "vendor": "Adobe",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.8 and below versions"
                }
              ]
            }
          ],
          "datePublic": "2018-10-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Use after free",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T09:57:01.000Z",
            "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
            "shortName": "adobe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
            },
            {
              "name": "105533",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105533"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@adobe.com",
              "ID": "CVE-2018-12822",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Adobe Digital Editions",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.8 and below versions"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Adobe"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Use after free"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html",
                  "refsource": "CONFIRM",
                  "url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb18-27.html"
                },
                {
                  "name": "105533",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105533"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "assignerShortName": "adobe",
        "cveId": "CVE-2018-12822",
        "datePublished": "2018-10-17T18:00:00.000Z",
        "dateReserved": "2018-06-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T08:45:01.967Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }