Design/Logic Flaw

Acrobat Reader DC versions 20.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

CVE-2021-28550 Adobe Acrobat Reader use after free vulnerability could lead to arbitrary code execution

Acrobat Reader DC versions versions 2021.001.20150 and earlier, 2020.001.30020 and earlier and 2017.011.30194 and earlier are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current...

CVE-2021-28642

Adobe Acrobat/Reader DC is affected by CVE-2021-28642: an Out-of-bounds write in various Adobe Acrobat versions (Reader DC 2021.005.20054 and earlier, 2020.004.30005 and earlier, 2017.011.30197 and earlier) that allows arbitrary code execution in the context of the current user. Exploitation requ...

Information disclosure

Acrobat Reader DC versions 2020.013.20066 and earlier, 2020.001.30010 and earlier and 2017.011.30180 and earlier are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the...

Heap overflow

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier and 2017.011.30175 and earlier are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. Exploitatio...