CVE-2021-42738— Adobe Prelude MXF File Parsing Memory Corruption Arbitrary Code Execution

CVSS 7.8 · High EPSS 1.80% · P83 Updated Apr 29, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-42738

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Adobe Prelude MXF File Parsing Memory Corruption Arbitrary Code Execution

Source: NVD (National Vulnerability Database)

Vulnerability Description

Adobe Prelude version 10.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required in that the victim must open a specially crafted file to exploit this vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

在缓冲区结束位置之后访问内存

Source: NVD (National Vulnerability Database)

Vulnerability Title

Adobe Prelude 缓冲区错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Adobe Prelude是美国奥多比（Adobe）公司的一套视频素材编辑剪辑工具。该产品能够对视频素材进行剪辑、排序和注释等。 Adobe Prelude存在安全漏洞，该漏洞成功的利用可能导致任意代码执行、内存泄漏和应用程序拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Adobe	Prelude	unspecified ~ 10.1	-

II. Public POCs for CVE-2021-42738

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-42738

请登录查看更多情报信息。

Same Patch Batch · Adobe · 2021-11-22 · 12 CVEs total

CVE-2021-42727	7.8 HIGH	Adobe Bridge Buffer Overflow Arbitrary code execution
CVE-2021-43015	7.8 HIGH	Adobe InCopy GIF File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-42737	7.8 HIGH	Adobe Prelude WAV File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40770	7.8 HIGH	Adobe Prelude M4A File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-43016	5.5 MEDIUM	Adobe InCopy NULL Pointer Dereference Application Denial of Service
CVE-2021-42733	5.5 MEDIUM	Adobe Bridge NULL Pointer Dereference could lead to Application denial-of-service
CVE-2021-40774	5.5 MEDIUM	Adobe Prelude NULL Pointer Dereference Application Denial of Service
CVE-2021-40773	5.5 MEDIUM	Adobe Prelude NULL Pointer Dereference Application Denial of Service
CVE-2021-40775		Adobe Prelude SVG File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40772		Adobe Prelude M4A File Parsing Memory Corruption Arbitrary Code Execution
CVE-2021-40771		Adobe Prelude WAV File Parsing Memory Corruption Arbitrary Code Execution

IV. Related Vulnerabilities

Same product: Prelude

Same vendor: Adobe

Same weakness: CWE-788

V. Comments for CVE-2021-42738

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-42738— Adobe Prelude MXF File Parsing Memory Corruption Arbitrary Code Execution

I. Basic Information for CVE-2021-42738

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-42738

III. Intelligence Information for CVE-2021-42738

Same Patch Batch · Adobe · 2021-11-22 · 12 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-42738

Leave a comment