多款Adobe产品资源管理错误漏洞
Adobe Acrobat是一套PDF文件编辑和转换工具。Adobe Reader是一套PDF文档阅读软件。
一、漏洞分析
公开日期:2022-12-13
漏洞编号:CNVD-2022-87166/CVE-2022-34227
危害等级:高危
漏洞描述:多款Adobe产品存在资源管理错误漏洞,该漏洞源于处理PDF文件时出现释放后重用错误而存在的,攻击者利用该漏洞在系统上执行代码或导致应用程序崩溃。
二、漏洞影响产品
Adobe Acrobat DC Continuous(Windows & macOS)<=22.001.20142
Adobe Acrobat Reader DC Continuous(Windows & macOS)<=22.001.20142
Adobe Acrobat 2020 Classic 2020(Windows)<=20.005.30334
Adobe Acrobat 2020 Classic 2020(macOS)<=20.005.30331
Adobe Acrobat 2017 Classic 2017(Windows)<=17.012.30229
Adobe Acrobat 2017 Classic 2017(macOS)<=20.005.30331
Adobe Acrobat Reader 2020 Classic 2020(Windows)<=20.005.30334
Adobe Acrobat Reader 2020 Classic 2020(macOS)<=20.005.30331
Adobe Acrobat Reader 2017 Classic 2017(macOS)<=17.012.30227
Adobe Acrobat Reader 2017 Classic 2017(Windows)<=17.012.30229
三、漏洞处置建议
用户可参考如下厂商提供的安全补丁以修复该漏洞:
https://helpx.adobe.com/security/products/acrobat/apsb22-32.html/
