QID 376589

Date Published: 2022-05-16

QID 376589: Adobe Framemaker Multiple Vulnerabilities (APSB22-27)

Adobe FrameMaker is a document processor designed for writing and editing large or complex documents, including structured documents.

CVE-2021-28596 - Arbitrary Code Execution

CVE-2022-28821 - Arbitrary Code Execution

CVE-2022-28822 - Arbitrary Code Execution

CVE-2022-28823 - Arbitrary Code Execution

CVE-2022-28824 - Arbitrary Code Execution

CVE-2022-28825 - Arbitrary Code Execution

CVE-2022-28826 - Arbitrary Code Execution

CVE-2022-28826 - Arbitrary Code Execution

CVE-2022-28828 - Arbitrary Code Execution

CVE-2022-28829 - Arbitrary Code Execution

CVE-2022-28830 - Memory Leak

Affected Versions:
Adobe Framemaker 2019 Release Update 8 and earlier
Adobe Framemaker 2020 Release Update 4 and earlier. QID Detection Logic:(Authenticated)
This QID detects file versions of Adobe Framemaker (FrameMaker.exe).

Successful exploitation could lead to arbitrary code execution and memory leak.

  • CVSS V3 rated as High - 7.8 severity.
  • CVSS V2 rated as High - 7.5 severity.
  • Solution
    Please visit APSB22-27 for more details.
    Software Advisories
    Advisory ID Software Component Link
    apsb22-27 URL Logo helpx.adobe.com/security/products/framemaker/apsb22-27.html