Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Dec 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Dec 2024 23:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | Acrobat Reader | Out-of-bounds Read (CWE-125) | |
Weaknesses | CWE-125 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-12-18T23:23:08.432Z
Updated: 2024-12-19T16:39:49.563Z
Reserved: 2022-10-31T16:22:11.209Z
Link: CVE-2022-44515
Vulnrichment
Updated: 2024-12-19T16:26:38.171Z
NVD
Status : Received
Published: 2024-12-19T00:15:05.567
Modified: 2024-12-19T00:15:05.567
Link: CVE-2022-44515
Redhat
No data.