CVE-2022-28837

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Pro DC versions 22.001.2011x and earlier Adobe Acrobat Pro DC versions 20.005.3033x and earlier Adobe Acrobat Pro DC versions 17.012.3022x and earlier

Description A use-after-free issue could lead to the disclosure of sensitive memory. This could allow an attacker to bypass mitigations such as Address Space Layout Randomization (ASLR). The exploitation of this issue requires user interaction, where a victim must open a malicious file, potentially leading to memory leak.

Recommendations For Adobe Acrobat Pro DC versions 22.001.2011x and earlier, update to a version later than 22.001.2011x to resolve the issue. For Adobe Acrobat Pro DC versions 20.005.3033x and earlier, update to a version later than 20.005.3033x to resolve the issue. For Adobe Acrobat Pro DC versions 17.012.3022x and earlier, update to a version later than 17.012.3022x to resolve the issue. As a temporary workaround, consider avoiding the opening of files from untrusted sources to minimize the risk of exploitation.