Request a Demo
Rewterz
Rewterz Threat Alert – Hackers Exploiting Log4j Vulnerability to drop Khonsari Ransomware
December 15, 2021
Rewterz
Rewterz Threat Advisory – CVE-2021-44023 – Trend Micro Security consumer family products
December 15, 2021

Rewterz Threat Advisory – Multiple Adobe Premiere Rush Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2021-43750 

Adobe Premiere Rush is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2021-43749 

Adobe Premiere Rush is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2021-43748 

Adobe Premiere Rush is vulnerable to a denial of service, caused by a NULL pointer dereference. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2021-43747 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43746 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43030 

Adobe Premiere Rush could allow a remote attacker to gain elevated privileges on the system, caused by access of uninitialized pointer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to gain elevated privileges on the system.

CVE-2021-43029 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43028 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43026 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43025 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43024 

Adobe Premiere Rush is vulnerable to a denial of service, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to cause a denial of service

CVE-2021-43023 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43022 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-43021 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-40784 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2021-40783 

Adobe Premiere Rush could allow a remote attacker to execute arbitrary code on the system, caused by access of memory location after end of buffer. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

  • Denial of Service
  • Code Execution
  • Privilege Escalation

Affected Vendors

Adobe

Affected Products

  • Adobe Premiere Rush 1.5.16

Remediation

Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.

https://helpx.adobe.com/security/products/premiere_rush/apsb21-101.html