CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 2CVE-2021-39863 – Adobe Acrobat Reader DC Heap-based Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-39863
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones 2017.011.30199 (y anteriores), están afectadas por una vulnerabilidad de desbordamiento del búfer cuando analizan un archivo PDF especialmente diseñado. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitrario en el contexto del usuario actual. • https://github.com/lsw29475/CVE-2021-39863 https://github.com/WHS-SEGFAULT/CVE-2021-39863 https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2018-4917 – Adobe Acrobat Pro DC ImageConversion EMF TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4917
Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Acrobat y Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria dinámica (heap). Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/102992 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-787: Out-of-bounds Write •