Memory corruption

2021-02-1121:15:00

PRIOn knowledge base

www.prio-n.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

52.0%

JSON

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CPENameOperatorVersion
acrobatge17.011.30059
acrobatle17.011.30188
acrobatge20.001.30005
acrobatle20.001.30018
acrobat_dcge15.008.20082
acrobat_dcle20.013.20074
acrobat_readerge17.011.30059
acrobat_readerle17.011.30188
acrobat_readerge20.001.30005
acrobat_readerle20.001.30018

Name	Operator	Version
acrobat	ge	17.011.30059
acrobat	le	17.011.30188
acrobat	ge	20.001.30005
acrobat	le	20.001.30018
acrobat_dc	ge	15.008.20082
acrobat_dc	le	20.013.20074
acrobat_reader	ge	17.011.30059
acrobat_reader	le	17.011.30188
acrobat_reader	ge	20.001.30005
acrobat_reader	le	20.001.30018