Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
2024-12-19T00:15:05.727
2025-01-10T21:45:25.627
Analyzed
CVSSv3.1: 5.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | acrobat | < 17.012.30229 | Yes |
| Application | adobe | acrobat | < 20.005.30334 | Yes |
| Application | adobe | acrobat_dc | < 22.001.20117 | Yes |
| Application | adobe | acrobat_reader | < 17.012.30229 | Yes |
| Application | adobe | acrobat_reader | < 20.005.30334 | Yes |
| Application | adobe | acrobat_reader_dc | < 22.001.20117 | Yes |
| Operating System | microsoft | windows | - | No |
| Application | adobe | acrobat | < 17.012.30227 | Yes |
| Application | adobe | acrobat | < 20.005.30331 | Yes |
| Application | adobe | acrobat_dc | < 22.001.20112 | Yes |
| Application | adobe | acrobat_reader | < 17.012.30227 | Yes |
| Application | adobe | acrobat_reader | < 20.005.30331 | Yes |
| Application | adobe | acrobat_reader_dc | < 22.001.20112 | Yes |
| Operating System | apple | macos | - | No |