The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Reader 2020 lies in their ability to read data beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

🗓️ 19 Feb 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 4 Views

Adobe products suffer buffer overread in OpenType font processing, enabling unauthorized access.

Reporter	Title	Published	Views	Family All 26
Tenable Nessus	Adobe Acrobat < 20.005.30574 / 23.008.20533 Multiple Vulnerabilities (APSB24-07)	13 Feb 202400:00	–	nessus
Tenable Nessus	Adobe Reader < 20.005.30574 / 23.008.20533 Multiple Vulnerabilities (APSB24-07)	13 Feb 202400:00	–	nessus
Tenable Nessus	Adobe Acrobat < 20.005.30574 / 23.008.20533 Multiple Vulnerabilities (APSB24-07) (macOS)	13 Feb 202400:00	–	nessus
Tenable Nessus	Adobe Reader < 20.005.30574 / 23.008.20533 Multiple Vulnerabilities (APSB24-07) (macOS)	13 Feb 202400:00	–	nessus
Circl	CVE-2024-20747	15 Feb 202414:32	–	circl
CNNVD	Adobe Acrobat Reader 缓冲区错误漏洞	15 Feb 202400:00	–	cnnvd
CNVD	Adobe Acrobat and Reader Out-of-Bounds Read Vulnerability (CNVD-2024-11664)	29 Feb 202400:00	–	cnvd
CVE	CVE-2024-20747	15 Feb 202412:18	–	cve
Cvelist	CVE-2024-20747 TALOS-2023-1908 - Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability	15 Feb 202412:18	–	cvelist
EUVD	EUVD-2024-18462	3 Oct 202520:07	–	euvd

Source	Link
helpx	www.helpx.adobe.com/security/products/acrobat/apsb24-07.html
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2023-1908
vuldb	www.vuldb.com/
web	www.web.nvd.nist.gov/view/vuln/detail

19 Feb 2024 00:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 24.9

CVSS 35.5

EPSS0.02385

OpenType fonts Buffer overread Unauthorized access Adobe Acrobat Document Cloud OpenType processing