Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
2022-01-14T20:15:12.760
2024-11-21T06:31:26.130
Modified
CVSSv3.1: 7.8 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | adobe | acrobat_dc | ≤ 21.007.20099 | Yes |
Application | adobe | acrobat_reader_dc | ≤ 21.007.20099 | Yes |
Operating System | microsoft | windows | - | No |
Application | adobe | acrobat | ≤ 17.011.30204 | Yes |
Application | adobe | acrobat | ≤ 20.004.30017 | Yes |
Application | adobe | acrobat_reader | ≤ 17.011.30204 | Yes |
Application | adobe | acrobat_reader | ≤ 20.004.30017 | Yes |
Operating System | apple | macos | - | No |
Operating System | microsoft | windows | - | No |
Application | adobe | acrobat_dc | ≤ 21.007.20099 | Yes |
Application | adobe | acrobat_reader_dc | ≤ 21.007.20099 | Yes |
Operating System | apple | macos | - | No |