CVE-2022-30656

Name of the Vulnerable Software and Affected Versions Adobe InCopy versions 17.2 and earlier Adobe InCopy versions 16.4.1 and earlier

Description The issue is related to an out-of-bounds write vulnerability in the PDF file processing handler of Adobe InCopy. This could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction, where a victim must open a malicious file. The vulnerability is associated with the processing of specially crafted data in a PDF file.

Recommendations For Adobe InCopy versions 17.2 and earlier, update to a version later than 17.2 to resolve the issue. For Adobe InCopy versions 16.4.1 and earlier, update to a version later than 16.4.1 to resolve the issue. As a temporary workaround, consider avoiding the use of PDF files from untrusted sources until a patch is available.