CVE-2021-28638

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader DC versions 2017.011.30197 through 2021.005.20054 Adobe Acrobat 2017 (affected versions not specified) Adobe Acrobat 2020 (affected versions not specified) Adobe Acrobat Document Cloud (affected versions not specified)

Description The issue is related to heap-based buffer overflow errors in dynamic memory, which can be exploited by a remote attacker to impact the integrity, availability, and confidentiality of information. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file.

Recommendations For Adobe Acrobat Reader DC versions 2017.011.30197 through 2021.005.20054, update to a version later than 2021.005.20054 to resolve the issue. For Adobe Acrobat 2017, Adobe Acrobat 2020, and Adobe Acrobat Document Cloud, at the moment, there is no information about a newer version that contains a fix for this vulnerability.