1. Home
  2. CVE Database
  3. CVE-2021-44712
MEDIUM · 5.5

CVE-2021-44712

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that coul...

Vulnerability Description

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that could lead to application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
AdobeAcrobat Dc>= 15.008.20082, <= 21.007.20099
AdobeAcrobat Reader Dc>= 15.008.20082, <= 21.007.20099
MicrosoftWindows-
AdobeAcrobat>= 17.011.30059, <= 17.011.30204
AdobeAcrobat Reader>= 17.011.30059, <= 17.011.30204
AppleMacos-

Related Weaknesses (CWE)

CWE-788CWE-119

References

FAQ

What is CVE-2021-44712?

CVE-2021-44712 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Access of Memory Location After End of Buffer vulnerability that coul...

How severe is CVE-2021-44712?

CVE-2021-44712 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-44712?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat Dc, Adobe Acrobat Reader Dc, Microsoft Windows, Adobe Acrobat, Adobe Acrobat Reader.