CVE-2022-24091 Acrobat DC versions 20.004.30017, 21.007.20099, and earlier are all affected by a out-of-bounds write vulnerability that could let attacker execute arbitrary code on the current user.

An attacker could leverage social engineering to convince a victim to open a malicious file. In some cases, it may be possible for an attacker to leverage infected macros. Macros are code snippets that are commonly used in Microsoft Office files. Vulnerabilities in these types of files are often exploited with malicious macros. An attacker could leverage social engineering to convince a victim to open a malicious file. In some cases, it may be possible for an attacker to leverage infected macros. Macros are code snippets that are commonly used in Microsoft Office files. Vulnerabilities in these types of files are often exploited with malicious macros. It is recommended that users update their versions of Adobe Reader to the latest version.

Adobe Reader and Acrobat Software

Adobe Reader and Acrobat Software are vulnerable to attacks that could result in the execution of malicious code. Users should update their versions of Adobe Reader to the latest version.

Other Information

In addition to the advisory, it is recommended that users update their versions of Adobe Reader to the latest version.

Timeline

Published on: 03/18/2022 18:15:00 UTC
Last modified on: 03/25/2022 19:48:00 UTC

References

• https://helpx.adobe.com/security/products/acrobat/apsb22-01.html
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24091