CVE-2022-35672

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader versions 22.001.20085 and earlier Adobe Acrobat Reader versions 20.005.30314 and earlier Adobe Acrobat Reader versions 17.012.30205 and earlier

Description The issue is caused by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Recommendations For Adobe Acrobat Reader version 22.001.20085 and earlier, update to a version later than 22.001.20085 to resolve the issue. For Adobe Acrobat Reader version 20.005.30314 and earlier, update to a version later than 20.005.30314 to resolve the issue. For Adobe Acrobat Reader version 17.012.30205 and earlier, update to a version later than 17.012.30205 to resolve the issue. As a temporary workaround, consider avoiding the use of Adobe Acrobat Reader to open files from untrusted sources until a patch is available.