Description

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Remediation

References

https://helpx.adobe.com/security/products/acrobat/apsb21-09.html

Related Vulnerabilities

CVE-2023-49620 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-dao

CVE-2017-17837 Vulnerability in maven package org.apache.deltaspike.modules:deltaspike-jsf-module-impl

CVE-2018-1999027 Vulnerability in maven package org.jenkins-ci.plugins:saltstack

CVE-2023-34092 Vulnerability in npm package vite

CVE-2021-35516 Vulnerability in maven package org.apache.commons:commons-compress

Severity

Critical

Classification

CWE-416 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Vendor Advisory