31721 matches found
CVE-2024-39422 ZDI-CAN-24090: New Vulnerability Report - Use-after-free remote code execution vulnerability in Adobe Acrobat Reader DC
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-39422
CVE-2024-39422 affects Adobe Acrobat Reader DC versions up to 24.002.2105x and earlier (notably 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123). Root cause: a Use-After-Free vulnerability that could allow arbitrary code execution in the current user’s context. Exploitation requires user i...
CVE-2024-39422 ZDI-CAN-24090: New Vulnerability Report - Use-after-free remote code execution vulnerability in Adobe Acrobat Reader DC
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-41831 ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-41831 ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-41831
CVE-2024-41831 affects Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. The connected documents indicate a Use-After-Free vulnerability in AcroForm that could lead to arbitrary code execution in the context of the current user. Exploitation requires user...
CVE-2024-39423
CVE-2024-39423 affects Acrobat Reader: versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. Root cause: out-of-bounds write in AcroForm annotation handling that could allow arbitrary code execution in the user’s context. Exploitation requires user interaction (victim opens...
CVE-2024-39423 ZDI-CAN-24182: New Vulnerability Report - Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...
CVE-2024-39423 ZDI-CAN-24182: New Vulnerability Report - Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...
CVE-2024-39420
CVE-2024-39420 (Acrobat Reader) is a TOCTOU race-condition vulnerability affecting multiple Adobe Reader/Acrobat versions (e.g., 20.005.30636, 24.002.21005, 24.001.30159, 24.003.20054 and earlier). The root cause is a timing issue between checking a condition and using a resource, which could all...
CVE-2024-39420 Acrobat Reader | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
Acrobat Reader versions 20.005.30636, 24.002.21005, 24.001.30159, 20.005.30655, 24.002.20965, 24.002.20964, 24.001.30123, 24.003.20054 and earlier are affected by a Time-of-check Time-of-use TOCTOU Race Condition vulnerability that could lead to arbitrary code execution. This vulnerability arises...
CVE-2024-41835 TALOS-2024-2003 | Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...
CVE-2024-41835
CVE-2024-41835 affects Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. The issue is an out-of-bounds read vulnerability that could disclose memory contents and help bypass mitigations such as ASLR. Exploitation requires user interaction (victim must ope...
CVE-2024-41834 ZDI-CAN-24311: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...
CVE-2024-41835 TALOS-2024-2003 | Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...
CVE-2024-41834
CVE-2024-41834 is an out-of-bounds read vulnerability in Acrobat Reader affecting versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. Exploitation could disclose memory contents and bypass mitigations such as ASLR; successful exploitation requires user interaction (victim...
CVE-2024-39424 ZDI-CAN-24309: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-39424 ZDI-CAN-24309: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-39424
CVE-2024-39424 affects Adobe Acrobat Reader DC/Acrobat Reader with versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. Root cause is a Use-After-Free in the annotation-related path that can lead to arbitrary code execution in the context of the current user. Exploitation ...
CVE-2024-41830
CVE-2024-41830 affects Acrobat Reader: versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are exposed to a Use-After-Free vulnerability that could allow arbitrary code execution in the current user’s context. Exploitation requires user interaction, specifically the victim...