CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2021-39844 – Adobe Acrobat Reader CalRGB Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2021-39844
29 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones 2017.011.30199 (y anteriores), es... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 31%CPEs: 14EXPL: 0CVE-2021-39843 – Adobe Acrobat Reader XObject Out-of-Bound Write Vulnerability
https://notcve.org/view.php?id=CVE-2021-39843
29 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones 2017.011.30199 (y anteriores), están afectadas p... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 57%CPEs: 14EXPL: 0CVE-2021-39842 – Adobe Acrobat Reader DC messageHandler.OnMessage Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2021-39842
29 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones 2017.011.30199 (y anteriores), están afectadas por una... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-416: Use After Free •
CVSS: 7.3EPSS: 0%CPEs: 16EXPL: 0CVE-2021-35982 – Adobe Reader DC Windows Installer Uncontrolled Search Path element could lead to Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-35982
29 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. A local attacker with non-administrative privileges can plant a malicious DLL to achieve arbitrary code execution in the context of the current user via DLL hijacking. Exploitation of this issue requires user interaction. Las versiones 2021.005.20060 (y anteriores), 2020.004.30006 (y anteriores) y 2017.011.30199 (y anteriore... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 57%CPEs: 14EXPL: 0CVE-2021-39836 – Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39836
16 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetIcon action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 57%CPEs: 14EXPL: 0CVE-2021-39837 – Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39837
16 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm deleteItemAt action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones ... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 57%CPEs: 14EXPL: 0CVE-2021-39838 – Adobe Acrobat Reader DC AcroForm buttonGetCaption Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39838
16 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm buttonGetCaption action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versio... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 57%CPEs: 14EXPL: 0CVE-2021-39839 – Adobe Acrobat Reader DC AcroForm getItemAt Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39839
16 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability in the processing of the AcroForm getItem action that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones 2017.... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 12%CPEs: 14EXPL: 0CVE-2021-39840 – Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39840
16 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability when processing AcroForms that could result in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y vers... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 12%CPEs: 14EXPL: 0CVE-2021-39841 – Adobe Acrobat Pro DC DocMedia Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-39841
16 Sep 2021 — Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Type Confusion vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20060 (y anteriores), versiones 2020.004.30006 (y anteriores), y versiones 2017.011.30199 (y anteriore... • https://helpx.adobe.com/security/products/acrobat/apsb21-55.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •