CVE-2024-30312 TALOS-2024-1952 - Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability

🗓️ 15 May 2024 10:00:14Reported by adobeType

Adobe Acrobat Reader out-of-bounds read vulnerability 20.005.30574, 24.002.20736 and earlie

Reporter	Title	Published	Views	Family All 24
Tenable Nessus	Adobe Acrobat < 20.005.30635 / 24.002.20759 Multiple Vulnerabilities (APSB24-29)	14 May 202400:00	–	nessus
Tenable Nessus	Adobe Reader < 20.005.30635 / 24.002.20759 Multiple Vulnerabilities (APSB24-29)	14 May 202400:00	–	nessus
Tenable Nessus	Adobe Acrobat < 20.005.30635 / 24.002.20759 Multiple Vulnerabilities (APSB24-29) (macOS)	14 May 202400:00	–	nessus
Tenable Nessus	Adobe Reader < 20.005.30635 / 24.002.20759 Multiple Vulnerabilities (APSB24-29) (macOS)	14 May 202400:00	–	nessus
BDU FSTEC	The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve an exploit that allows an attacker to bypass memory buffers, thereby enabling them to disclose protected information.	17 May 202400:00	–	bdu_fstec
CNNVD	Adobe Acrobat Reader 缓冲区错误漏洞	15 May 202400:00	–	cnnvd
CNVD	Adobe Acrobat Reader buffer overflow vulnerability (CNVD-2024-29337)	22 May 202400:00	–	cnvd
CVE	CVE-2024-30312	15 May 202410:00	–	cve
EUVD	EUVD-2024-28233	3 Oct 202520:07	–	euvd
Kaspersky	KLA67474 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader	14 May 202400:00	–	kaspersky

[
  {
    "defaultStatus": "affected",
    "product": "Acrobat Reader",
    "vendor": "Adobe",
    "versions": [
      {
        "lessThanOrEqual": "24.002.20736",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
helpx	www.helpx.adobe.com/security/products/acrobat/apsb24-29.html
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2024-1952

10 Jun 2024 17:06Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.15.5

EPSS0.01767

CWE-125