CVE-2021-39832

Name of the Vulnerable Software and Affected Versions Adobe Framemaker versions 2019 Update 8 and earlier Adobe Framemaker versions 2020 Release Update 2 and earlier

Description The issue is related to a memory corruption vulnerability due to insecure handling of a malicious PDF file, potentially resulting in arbitrary code execution in the context of the current user. This can be exploited when a user interacts with the malicious file. The vulnerability is also described as a buffer overflow in memory, which can allow a remote attacker to execute arbitrary code in the context of the current user.

Recommendations For Adobe Framemaker versions 2019 Update 8 and earlier, update to a version later than Update 8 to resolve the issue. For Adobe Framemaker versions 2020 Release Update 2 and earlier, update to a version later than Update 2 to resolve the issue. As a temporary workaround, consider avoiding the use of PDF files from untrusted sources until a patch is available.