5.5

CVE-2025-47111

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
AdobeAcrobat Dc SwEditioncontinuous Version < 25.001.20531
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditioncontinuous Version < 25.001.20531
   MicrosoftWindows Version-
AdobeAcrobat Dc SwEditioncontinuous Version < 25.001.20529
   ApplemacOS Version-
AdobeAcrobat Reader Dc SwEditioncontinuous Version < 25.001.20529
   ApplemacOS Version-
AdobeAcrobat SwEditionclassic Version >= 20.0 < 20.005.30774
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat SwEditionclassic Version >= 24.0.0 < 24.001.30254
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader SwEditionclassic Version >= 20.0 < 20.005.30774
   ApplemacOS Version-
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.047
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
psirt@adobe.com 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.