CVE-2022-28248

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
OR cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*
OR cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Information

Published : 2022-05-11 11:15

Updated : 2022-05-20 05:46


NVD link : CVE-2022-28248

Mitre link : CVE-2022-28248


JSON object : View

CWE
CWE-125

Out-of-bounds Read

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows

adobe

  • acrobat
  • acrobat_reader_dc
  • acrobat_reader
  • acrobat_dc

apple

  • macos