What is the severity of CVE-2021-44711?

CVE-2021-44711 is assessed as a critical vulnerability that could lead to arbitrary code execution.

How do I fix CVE-2021-44711?

To fix CVE-2021-44711, upgrade to the latest version of Adobe Acrobat Reader DC or Adobe Acrobat that addresses this vulnerability.

What versions are affected by CVE-2021-44711?

CVE-2021-44711 affects Adobe Acrobat Reader DC versions prior to 21.007.20099, and Adobe Acrobat versions prior to 20.004.30017 and 17.011.30204.

What type of attack can exploit CVE-2021-44711?

CVE-2021-44711 can be exploited through an Integer Overflow or Wraparound vulnerability to execute arbitrary code.

Who is affected by CVE-2021-44711?

Users of Adobe Acrobat Reader DC and Adobe Acrobat prior to the specified patched versions on Windows and macOS are affected by CVE-2021-44711.

Vulnerability/
CVE-2021-44711

critical

9.3

CWE

190

14/1/2022

16/9/2024

CVE-2021-44711: Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability

First published: Fri Jan 14 2022(Updated: )

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Acrobat Reader DC	>=15.008.20082<=21.007.20099
Adobe Acrobat Reader	>=15.008.20082<=21.007.20099
Microsoft Windows Operating System
Adobe Acrobat Reader	>=17.011.30059<=17.011.30204
Adobe Acrobat Reader	>=20.001.30005<=20.004.30017
Adobe Acrobat Reader Notification Manager	>=17.011.30059<=17.011.30204
Adobe Acrobat Reader Notification Manager	>=20.001.30005<=20.004.30017
macOS

Never miss a vulnerability like this again

Reference Links

https://helpx.adobe.com/security/products/acrobat/apsb22-01.html

Frequently Asked Questions

What is the severity of CVE-2021-44711?
CVE-2021-44711 is assessed as a critical vulnerability that could lead to arbitrary code execution.
How do I fix CVE-2021-44711?
To fix CVE-2021-44711, upgrade to the latest version of Adobe Acrobat Reader DC or Adobe Acrobat that addresses this vulnerability.
What versions are affected by CVE-2021-44711?
CVE-2021-44711 affects Adobe Acrobat Reader DC versions prior to 21.007.20099, and Adobe Acrobat versions prior to 20.004.30017 and 17.011.30204.
What type of attack can exploit CVE-2021-44711?
CVE-2021-44711 can be exploited through an Integer Overflow or Wraparound vulnerability to execute arbitrary code.
Who is affected by CVE-2021-44711?
Users of Adobe Acrobat Reader DC and Adobe Acrobat prior to the specified patched versions on Windows and macOS are affected by CVE-2021-44711.

agent/type
agent/weakness
agent/author
agent/references
agent/description
agent/severity
agent/title
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe acrobat reader dc
version/adobe acrobat reader dc/15.008.20082
version/adobe acrobat reader dc/21.007.20099
canonical/adobe acrobat reader
version/adobe acrobat reader/15.008.20082
version/adobe acrobat reader/21.007.20099
vendor/microsoft
canonical/microsoft windows operating system
version/adobe acrobat reader/17.011.30059
version/adobe acrobat reader/17.011.30204
version/adobe acrobat reader/20.001.30005
version/adobe acrobat reader/20.004.30017
canonical/adobe acrobat reader notification manager
version/adobe acrobat reader notification manager/17.011.30059
version/adobe acrobat reader notification manager/17.011.30204
version/adobe acrobat reader notification manager/20.001.30005
version/adobe acrobat reader notification manager/20.004.30017
vendor/apple
canonical/macos