Vulnerabilities > CVE-2021-21057 - NULL Pointer Dereference vulnerability in Adobe products

047910
CVSS 6.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
HIGH
local
low complexity
adobe
CWE-476
NVD
Published: 2021-02-11
Updated: 2021-09-08

Summary

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve denial of service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vulnerable Configurations

Part Description Count
Application
Adobe
175
OS
Apple
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)

References