The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to authentication process errors, allowing attackers to execute arbitrary code.

🗓️ 08 Dec 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

PDF viewers and editors have authentication errors that allow arbitrary code execution with crafted dynamic libraries.

Reporter	Title	Published	Views	Family All 27
Tenable Nessus	Adobe Acrobat < 2017.011.30180 / 2020.001.30010 / 2020.013.20064 Multiple Vulnerabilities (APSB20-67)	5 Nov 202000:00	–	nessus
Tenable Nessus	Adobe Reader < 2017.011.30180 / 2020.001.30010 / 2020.013.20064 Multiple Vulnerabilities (APSB20-67)	5 Nov 202000:00	–	nessus
Tenable Nessus	Adobe Acrobat < 2017.011.30180 / 2020.001.30010 / 2020.013.20064 Multiple Vulnerabilities (APSB20-67) (macOS)	5 Nov 202000:00	–	nessus
Tenable Nessus	Adobe Reader < 2017.011.30180 / 2020.001.30010 / 2020.013.20064 Multiple Vulnerabilities (APSB20-67) (macOS)	5 Nov 202000:00	–	nessus
ATTACKERKB	CVE-2020-24431	3 Nov 202023:00	–	attackerkb
CNVD	Adobe Acrobat and Reader Security Feature Bypass Vulnerability	4 Nov 202000:00	–	cnvd
CVE	CVE-2020-24431	5 Nov 202019:31	–	cve
Cvelist	CVE-2020-24431 Acrobat Reader DC for macOS Dynamic Library Injection Vulnerability	5 Nov 202019:31	–	cvelist
EUVD	EUVD-2020-17151	7 Oct 202500:30	–	euvd
Kaspersky	KLA11991 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader	3 Nov 202000:00	–	kaspersky

Source	Link
helpx	www.helpx.adobe.com/security/products/acrobat/apsb20-67.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-24431
web	www.web.nvd.nist.gov/view/vuln/detail

08 Dec 2020 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 38.8

CVSS 29.3

EPSS0.01589

Adobe Reader Adobe Acrobat Document Cloud authentication errors arbitrary code execution crafted dynamic library