漏洞标题
"XMP Toolkit SDK 在 PostScriptSupport::ConvertToDate 中溢出读漏洞可能导致信息泄漏"
漏洞描述信息
XMP Toolkit SDK中的PostScriptSupport::ConvertToDate函数存在越界读取漏洞,可能导致信息泄露。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
漏洞类别
N/A
漏洞标题
XMP Toolkit SDK Out-of-bounds Read Vulnerability In PostScriptSupport::ConvertToDate Could Lead To Information Exposure
漏洞描述信息
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
漏洞类别
跨界内存读
漏洞标题
Adobe XMP Toolkit SDK 缓冲区错误漏洞
漏洞描述信息
Adobe XMP Toolkit SDK是美国奥多比(Adobe)公司的一种标签技术,允许您将有关文件的数据(称为元数据)嵌入到文件本身中。 Adobe XMP Toolkit SDK 存在缓冲区错误漏洞,攻击者可以利用此漏洞触发任意代码执行。
CVSS信息
N/A
漏洞类别
缓冲区错误