The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

🗓️ 19 May 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 4 Views

PDF viewers and editors have use-after-free memory vulnerabilities that let attackers run code from a crafted PDF.

Reporter	Title	Published	Views	Family All 26
Tenable Nessus	Adobe Acrobat < 2015.006.30510 / 2017.011.30158 / 2020.006.20034 Multiple Vulnerabilities (APSB20-05)	13 Feb 202000:00	–	nessus
Tenable Nessus	Adobe Reader < 2015.006.30510 / 2020.006.20034 Multiple Vulnerabilities (APSB20-05)	13 Feb 202000:00	–	nessus
Tenable Nessus	Adobe Acrobat < 2015.006.30510 / 2020.006.20034 Multiple Vulnerabilities (APSB20-05) (macOS)	13 Feb 202000:00	–	nessus
Tenable Nessus	Adobe Reader < 2015.006.30510 / 2017.011.30158 / 2020.006.20034 Multiple Vulnerabilities (APSB20-05) (macOS)	13 Feb 202000:00	–	nessus
CNVD	Adobe Acrobat and Reader Memory Misreference Vulnerability (CNVD-2020-10139)	12 Feb 202000:00	–	cnvd
Check Point Advisories	Adobe Acrobat and Reader Use After Free (APSB20-05: CVE-2020-3749)	11 Feb 202000:00	–	checkpoint_advisories
CVE	CVE-2020-3749	13 Feb 202015:45	–	cve
Cvelist	CVE-2020-3749	13 Feb 202015:45	–	cvelist
EUVD	EUVD-2020-25015	7 Oct 202500:30	–	euvd
Kaspersky	KLA11674 Multiple vulnerabilities in Adobe Acrobat	11 Feb 202000:00	–	kaspersky

Source	Link
helpx	www.helpx.adobe.com/security/products/acrobat/apsb20-05.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-3749
web	www.web.nvd.nist.gov/view/vuln/detail

19 May 2021 00:00Current

8.3High risk

Vulners AI Score8.3

CVSS 39.8

CVSS 210

EPSS0.04853

PDF vulnerability Use after free Code execution Crafted PDF Memory safety