Lucene search
SoiaxZDI-22-1430HistoryOct 14, 2022 - 12:00 a.m.
Adobe Acrobat Reader DC JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2022-10-1400:00:00
soiax
www.zerodayinitiative.com
15
adobe
acrobat reader
jp2
file parsing
information disclosure
vulnerability
remote attackers
sensitive information
user interaction
malicious page
allocated buffer
0.003 Low
EPSS
Percentile
68.5%
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 images. Crafted data in a JP2 image can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
Related
cvelist
cvelist
prion
prion
Design/Logic Flaw
2022-10-14 20:15:00
nvd
nvd
CVE-2022-38449
2022-10-14 20:15:15
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Out-of-bounds Read (APSB22-46: CVE-2022-38449
2022-10-18 00:00:00
cve
cve
CVE-2022-38449
2022-10-14 20:15:15
openvas
openvas
Adobe Acrobat DC Continuous Security Update (APSB22-46) - Windows
2022-10-13 00:00:00
Adobe Reader DC Continuous Security Update (APSB22-46) - Windows
2022-10-13 00:00:00
Adobe Acrobat Classic 2020 Security Update (APSB22-46) - Windows
2022-10-13 00:00:00
nessus
nessus
adobe
adobe
APSB22-46: Security updates available for Acrobat Reader
2022-10-11 00:00:00
kaspersky
kaspersky
KLA20009 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
2022-10-11 00:00:00