Lucene search

K
cve[email protected]CVE-2022-27802
HistoryMay 11, 2022 - 6:15 p.m.

CVE-2022-27802

2022-05-1118:15:00
CWE-416
web.nvd.nist.gov
67
4
acrobat reader
cve-2022-27802
vulnerability
use-after-free
arbitrary code execution
nvd
security advisory

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.1 Low

EPSS

Percentile

94.8%

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Social References

More

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.1 Low

EPSS

Percentile

94.8%