CVE-2021-44740

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 2020 Adobe Acrobat Reader versions prior to 2020 Adobe Acrobat 2017 Adobe Acrobat Reader 2017 Adobe Acrobat 2020 versions prior to 21.007.20099 Adobe Acrobat Reader 2020 versions prior to 21.007.20099 Adobe Acrobat Reader DC versions prior to 21.007.20099 Adobe Acrobat Reader DC version 20.004.30017 and earlier Adobe Acrobat Reader DC version 17.011.30204 and earlier Foxit PDF Reader version 11.1.0.52543

Description The issue is related to a null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file.

Recommendations For Adobe Acrobat 2017, update to a version later than 2017 to resolve the issue. For Adobe Acrobat Reader 2017, update to a version later than 2017 to resolve the issue. For Adobe Acrobat 2020, update to version 21.007.20099 or later to resolve the issue. For Adobe Acrobat Reader 2020, update to version 21.007.20099 or later to resolve the issue. For Adobe Acrobat Reader DC version 20.004.30017 and earlier, update to version 21.007.20099 or later to resolve the issue. For Adobe Acrobat Reader DC version 17.011.30204 and earlier, update to version 21.007.20099 or later to resolve the issue. For Foxit PDF Reader version 11.1.0.52543, update to a version later than 11.1.0.52543 to resolve the issue. As a temporary workaround, consider avoiding the use of specially crafted files to minimize the risk of exploitation.