CVE-2021-44742

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 21.007.20099 Adobe Acrobat Reader versions prior to 21.007.20099 Adobe Acrobat 2017 versions prior to 17.011.30204 Adobe Acrobat Reader 2017 versions prior to 17.011.30204 Adobe Acrobat 2020 versions prior to 20.004.30017 Adobe Acrobat Reader 2020 versions prior to 20.004.30017

Description The issue is related to an out-of-bounds read vulnerability in memory when parsing a crafted file, which could result in a read past the end of an allocated memory structure. This could allow an attacker to execute code in the context of the current user by leveraging this vulnerability. Exploitation requires user interaction, where a victim must open a malicious file. The vulnerability can also lead to a memory leak.

Recommendations For Adobe Acrobat versions prior to 21.007.20099, update to version 21.007.20099 or later. For Adobe Acrobat Reader versions prior to 21.007.20099, update to version 21.007.20099 or later. For Adobe Acrobat 2017 versions prior to 17.011.30204, update to version 17.011.30204 or later. For Adobe Acrobat Reader 2017 versions prior to 17.011.30204, update to version 17.011.30204 or later. For Adobe Acrobat 2020 versions prior to 20.004.30017, update to version 20.004.30017 or later. For Adobe Acrobat Reader 2020 versions prior to 20.004.30017, update to version 20.004.30017 or later. As a temporary workaround, consider avoiding the use of crafted PDF files until the issue is resolved.