CVE-2022-44517: 
Adobe Acrobat Reader Continuous vulnerability analysis and mitigation

CVE-2022-44517 is an out-of-bounds read vulnerability affecting Adobe Acrobat Reader DC. The vulnerability impacts multiple versions including 22.001.20085 (and earlier), 20.005.3031x (and earlier), and 17.012.30205 (and earlier). This security flaw was disclosed and addressed in Adobe's security bulletin APSB22-16 released in April 2022 (Adobe Security).

The vulnerability is classified as an out-of-bounds read (CWE-125) that occurs when parsing a crafted file, potentially resulting in a read past the end of an allocated memory structure. It has been assigned a CVSS v3.1 base score of 5.5 (Important) with the vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N (Adobe Security).

When exploited, this vulnerability could allow an attacker to bypass security mitigations such as ASLR (Address Space Layout Randomization). The successful exploitation requires user interaction, specifically requiring a victim to open a malicious file (CVE Mitre).

Adobe has released security updates to address this vulnerability. Users are recommended to update their software installations to the latest versions through the Help > Check for Updates menu option or by downloading the full installer from the Acrobat Reader Download Center. IT administrators in managed environments can deploy updates via preferred methodologies such as AIP-GPO, bootstrapper, SCUP/SCCM for Windows, or Apple Remote Desktop and SSH for macOS (Adobe Security).