Vulnerabilities > CVE-2021-39846 - Out-of-bounds Write vulnerability in Adobe products

047910
CVSS 6.1 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
HIGH
local
low complexity
adobe
CWE-787

Summary

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader.

Vulnerable Configurations

Part Description Count
Application
Adobe
188
OS
Apple
1
OS
Microsoft
1

Common Weakness Enumeration (CWE)