Lucene search

K
nvd[email protected]NVD:CVE-2022-34228
HistoryJul 15, 2022 - 4:15 p.m.

CVE-2022-34228

2022-07-1516:15:13
CWE-824
web.nvd.nist.gov
adobe acrobat reader
arbitrary code execution
uninitialized pointer vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

74.4%

Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected configurations

NVD
Node
adobeacrobat_dcRange15.008.2008222.001.20142continuous
OR
adobeacrobat_reader_dcRange15.008.2008222.001.20142continuous
AND
applemacosMatch-
OR
microsoftwindowsMatch-
Node
adobeacrobatRange20.001.3000520.005.30334classic
OR
adobeacrobat_readerRange20.001.3000520.005.30334classic
AND
microsoftwindowsMatch-
Node
adobeacrobatRange20.001.3000520.005.30331classic
OR
adobeacrobat_readerRange20.001.3000520.005.30331classic
AND
applemacosMatch-
Node
adobeacrobatRange17.011.3005917.012.30229classic
OR
adobeacrobat_readerRange17.011.3005917.012.30229classic
AND
microsoftwindowsMatch-
Node
adobeacrobatRange17.011.3005917.012.30227classic
OR
adobeacrobat_readerRange17.011.3005917.012.30227classic
AND
applemacosMatch-

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

74.4%