CVE-2021-44712

MEDIUM

Adobe Acrobat DC < 21.007.20099 - Memory Corruption

Title source: rule

Description

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

References (1)

[Vendor Advisory] https://helpx.adobe.com/security/products/acrobat/apsb22-01.html

Scores

CVSS v3 5.5

EPSS 0.0049

EPSS Percentile 65.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-119 CWE-788

Status published

Products (4)

adobe/acrobat 17.011.30059 - 17.011.30204

adobe/acrobat_dc 15.008.20082 - 21.007.20099

adobe/acrobat_reader 17.011.30059 - 17.011.30204

adobe/acrobat_reader_dc 15.008.20082 - 21.007.20099

Published Jan 14, 2022

Tracked Since Feb 18, 2026