CVE-2023-44323

2023-10-3015:15:40

CWE-416

[email protected]

web.nvd.nist.gov

124

cve-2023-44323

adobe acrobat

edge

use after free

vulnerability

nvd

security

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

19.4%

JSON

Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected configurations

Vulners

NVD

Node

adobeacrobatRange≤118.0.2088.46edge

VendorProductVersionCPE
adobeacrobat*cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	acrobat	*	cpe:2.3:a:adobe:acrobat::::::::

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "Acrobat for Edge",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "118.0.2088.46",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]