Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/acrobat/apsb22-16.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2022-05-11 11:15
Updated : 2022-05-20 08:03
NVD link : CVE-2022-28258
Mitre link : CVE-2022-28258
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
microsoft
- windows
adobe
- acrobat
- acrobat_reader_dc
- acrobat_reader
- acrobat_dc
apple
- macos