31650 matches found
CVE-2024-41831
CVE-2024-41831 affects Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. The connected documents indicate a Use-After-Free vulnerability in AcroForm that could lead to arbitrary code execution in the context of the current user. Exploitation requires user...
CVE-2024-39423
CVE-2024-39423 affects Acrobat Reader: versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. Root cause: out-of-bounds write in AcroForm annotation handling that could allow arbitrary code execution in the user’s context. Exploitation requires user interaction (victim opens...
CVE-2024-39423 ZDI-CAN-24182: New Vulnerability Report - Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...
CVE-2024-39423 ZDI-CAN-24182: New Vulnerability Report - Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim...
CVE-2024-39420
CVE-2024-39420 (Acrobat Reader) is a TOCTOU race-condition vulnerability affecting multiple Adobe Reader/Acrobat versions (e.g., 20.005.30636, 24.002.21005, 24.001.30159, 24.003.20054 and earlier). The root cause is a timing issue between checking a condition and using a resource, which could all...
CVE-2024-39420 Acrobat Reader | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
Acrobat Reader versions 20.005.30636, 24.002.21005, 24.001.30159, 20.005.30655, 24.002.20965, 24.002.20964, 24.001.30123, 24.003.20054 and earlier are affected by a Time-of-check Time-of-use TOCTOU Race Condition vulnerability that could lead to arbitrary code execution. This vulnerability arises...
CVE-2024-41835 TALOS-2024-2003 | Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...
CVE-2024-41835
CVE-2024-41835 affects Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. The issue is an out-of-bounds read vulnerability that could disclose memory contents and help bypass mitigations such as ASLR. Exploitation requires user interaction (victim must ope...
CVE-2024-41834 ZDI-CAN-24311: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...
CVE-2024-41835 TALOS-2024-2003 | Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this...
CVE-2024-41834
CVE-2024-41834 is an out-of-bounds read vulnerability in Acrobat Reader affecting versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. Exploitation could disclose memory contents and bypass mitigations such as ASLR; successful exploitation requires user interaction (victim...
CVE-2024-39424 ZDI-CAN-24309: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-39424 ZDI-CAN-24309: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-39424
CVE-2024-39424 affects Adobe Acrobat Reader DC/Acrobat Reader with versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier. Root cause is a Use-After-Free in the annotation-related path that can lead to arbitrary code execution in the context of the current user. Exploitation ...
CVE-2024-41830 Talos Security Advisory for Adobe (TALOS-2024-2009)
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-41830
CVE-2024-41830 affects Acrobat Reader: versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are exposed to a Use-After-Free vulnerability that could allow arbitrary code execution in the current user’s context. Exploitation requires user interaction, specifically the victim...
CVE-2024-41830 Talos Security Advisory for Adobe (TALOS-2024-2009)
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-39383
CVE-2024-39383 affects Adobe Acrobat/Reader only in specific versions (e.g., Reader 20.005.30636, 24.002.20965/20964, 24.001.30123 and earlier). The issue is a Use-After-Free vulnerability that could allow arbitrary code execution in the current user context. Exploitation requires the user to ope...
CVE-2024-39383 PoC sample of unknown vulnerability detected by EXPMON system
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...
CVE-2024-39425 Security vulnerability in AdobeARMHelper
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use TOCTOU Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system...