CVE-2022-34237
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: psirt@adobe.com (Secondary)
Description
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file..
Affected (10)
Products: Adobe: Acrobat Dc, Acrobat Reader Dc, Acrobat, Acrobat Reader
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 15.008.20082 to 22.001.20142 | |
| From 15.008.20082 to 22.001.20142 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| From 20.001.30005 to 20.005.30334 | |
| From 20.001.30005 to 20.005.30334 |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| From 20.001.30005 to 20.005.30331 | |
| From 20.001.30005 to 20.005.30331 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| From 17.011.30059 to 17.012.30229 | |
| From 17.011.30059 to 17.012.30229 |
| Running on/with | Platform Versions |
|---|---|
Microsoft Windows | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| From 17.011.30059 to 17.012.30227 | |
| From 17.011.30059 to 17.012.30227 |
| Running on/with | Platform Versions |
|---|---|
Apple Macos | All versions |
References (2)
Source: psirt@adobe.com
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Timeline
No history available yet.