CVE-2021-44714
Summary
| CVE | CVE-2021-44714 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-01-14 20:15:00 UTC |
| Updated | 2022-01-21 20:55:00 UTC |
| Description | Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click 'allow' on the warning message of a malicious file. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Adobe | Acrobat | All | All | All | All |
| Application | Adobe | Acrobat | All | All | All | All |
| Application | Adobe | Acrobat Dc | All | All | All | All |
| Application | Adobe | Acrobat Reader | All | All | All | All |
| Application | Adobe | Acrobat Reader | All | All | All | All |
| Application | Adobe | Acrobat Reader Dc | All | All | All | All |
| Operating System | Apple | Macos | - | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Adobe Security Bulletin | MISC | helpx.adobe.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 376233 Adobe Security Update for Adobe Acrobat and Adobe Reader (APSB22-01)