Acrobat Reader DC versions 22.001.20085 (and earlier), 20...
High severity
Unreviewed
Published
May 12, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
May 11, 2022
Published to the GitHub Advisory Database
May 12, 2022
Last updated
Feb 1, 2023
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file
References