Last Modified: Jan. 18, 2023
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Tweets last week: 2
Remaining steady
Yahoo results: 3310000
Strongly raising
Current EPSS Score: 0.01714
Remaining steady
Reddit Posts: 5
Remaining steady
Github Repos: 3
Remaining steady
Found exploits:
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Base Score: 7.8
Exploitability Score:
1.8
Impact Score: 5.9
CVSS V3: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE-416
<?xml version="1.0" ?>
<set operator="and"/>
<?xml version="1.0" ?>
<set operator="and">
<prop key="program_influence" value="input"/>
</set>