Home

CVE-2021-40737

Description

Adobe Audition version 14.4 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.41

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Adobe Audition 14.4.1Windows
Multiple Vulnerabilities are affected in Adobe Audition 21.9Windows
Multiple vulnerabilities are fixed in Adobe Audition for Mac 14.4.2Mac
Multiple vulnerabilities are fixed in Adobe Audition for Mac 22.0Mac

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234