CVE-2021-39850— Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service

CVSS 5.5 · Medium EPSS 1.01% · P77 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-39850

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service

Source: NVD (National Vulnerability Database)

Vulnerability Description

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

空指针解引用

Source: NVD (National Vulnerability Database)

Vulnerability Title

Adobe Acrobat和Adobe Reader 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Adobe Acrobat和Adobe Reader都是美国奥多比（Adobe）公司的产品。Adobe Acrobat是一套PDF文件编辑和转换工具。Adobe Reader是一套PDF文档阅读软件。 Adobe Acrobat 和 Reader存在代码问题漏洞，该漏洞源于NULL 指针取消引用错误。远程攻击者可以诱使受害者打开特制文件并执行拒绝服务 (DoS) 攻击。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Adobe	Acrobat Reader	unspecified ~ DC 2021 July	-

II. Public POCs for CVE-2021-39850

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-39850

请登录查看更多情报信息。

Same Patch Batch · Adobe · 2021-09-29 · 41 CVEs total

CVE-2021-39831	7.8 HIGH	Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2021-39863	7.8 HIGH	Adobe Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary C
CVE-2021-40715	7.8 HIGH	Adobe Premiere Pro 2021 EXR File Parsing Leads to Memory Corruption
CVE-2021-39843	7.8 HIGH	Adobe Acrobat Reader XObject Out-of-Bound Write Vulnerability
CVE-2021-40708	7.3 HIGH	Adobe Genuine Service Installer Privilege Escalation Vulnerability
CVE-2021-39855	6.5 MEDIUM	Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via src Parameter
CVE-2021-39856	6.5 MEDIUM	Adobe Acrobat Reader DC NTLMv2 SSO Information Disclosure via LoadFile
CVE-2021-39846	6.1 MEDIUM	Adobe Acrobat Reader /Parent Property Recursive Stack Overflow
CVE-2021-39845	6.1 MEDIUM	Adobe Acrobat Reader Page Tree Node Recursive Stack Overflow
CVE-2021-39861	5.5 MEDIUM	Adobe Acrobat Reader DC Catalog Plugin Out-of-Bounds Read Bug
CVE-2021-39851	5.5 MEDIUM	Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Servi
CVE-2021-39852	5.5 MEDIUM	Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Servi
CVE-2021-39849	5.5 MEDIUM	Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Servi
CVE-2021-39860	5.5 MEDIUM	Adobe Acrobat Reader DC Search Plugin Null Pointer Dereference
CVE-2021-39844	3.3 LOW	Adobe Acrobat Reader CalRGB Out-of-Bounds Read Vulnerability
CVE-2021-39832		Adobe FrameMaker PDF File Parsing Memory Corruption Remote Code Execution Vulnerability
CVE-2021-39836		Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Remote Code Execution Vulner
CVE-2021-39835		Adobe FrameMaker PDF File Parsing Use-After-Free Information Disclosure Vulnerability
CVE-2021-39837		Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnera
CVE-2021-39839		Adobe Acrobat Reader DC AcroForm getItemAt Use-After-Free Remote Code Execution Vulnerabil

Showing top 20 of 41 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Acrobat Reader

Same vendor: Adobe

Same weakness: CWE-476

V. Comments for CVE-2021-39850

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-39850— Adobe Acrobat Reader DC Null Pointer Dereference Could Lead To Application Denial-of-Service

I. Basic Information for CVE-2021-39850

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-39850

III. Intelligence Information for CVE-2021-39850

Same Patch Batch · Adobe · 2021-09-29 · 41 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-39850

Leave a comment