Lucene search

AdobeCVE-2021-44712

HistoryJan 14, 2022 - 8:15 p.m.

CVE-2021-44712

2022-01-1420:15:12

CWE-119

CWE-788

adobe

web.nvd.nist.gov

cve-2021-44712

acrobat reader

memory location

buffer

vulnerability

dos

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

30.0%

JSON

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected configurations

Nvd

Vulners

Node

adobeacrobat_dcRange15.008.20082–21.007.20099continuous

adobeacrobat_reader_dcRange15.008.20082–21.007.20099continuous

AND

microsoftwindowsMatch-

Node

adobeacrobatRange17.011.30059–17.011.30204classic

adobeacrobatRange20.001.30005–20.004.30017classic

adobeacrobat_readerRange17.011.30059–17.011.30204classic

adobeacrobat_readerRange20.001.30005–20.004.30017classic

AND

applemacosMatch-

microsoftwindowsMatch-

Node

adobeacrobat_dcRange15.008.20082–21.007.20099continuous

adobeacrobat_reader_dcRange15.008.20082–21.007.20099continuous

AND

applemacosMatch-

VendorProductVersionCPE
adobeacrobat_dc*cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
adobeacrobat_reader_dc*cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
adobeacrobat*cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
adobeacrobat_reader*cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	acrobat_dc	*	cpe:2.3:a:adobe:acrobat_dc:::::continuous:::*
adobe	acrobat_reader_dc	*	cpe:2.3:a:adobe:acrobat_reader_dc:::::continuous:::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
adobe	acrobat	*	cpe:2.3:a:adobe:acrobat:::::classic:::*
adobe	acrobat_reader	*	cpe:2.3:a:adobe:acrobat_reader:::::classic:::*
apple	macos	-	cpe:2.3:o:apple:macos:-:::::::*

CNA Affected

[
  {
    "product": "Acrobat Reader",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "21.007.20099",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "20.004.30017",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "17.011.30204",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "None",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]