CVE-2021-21046 – Acrobat Reader DC Buffer Overflow Vulnerability Could Lead To Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-21046
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.001.30018 (y anteriores) y versiones 2017.011.30188 (y anteriores), están afectadas por una vulnerabilidad de corrupción de la memoria. Un atacante no autenticado podría aprovechar esta vulnerabilidad para causar una denegación de servicio de la aplicación. • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-787: Out-of-bounds Write •
CVE-2021-21045 – Acrobat Reader DC Improper Installer Access Control Vulnerability Could Lead To Privilege Escalation
https://notcve.org/view.php?id=CVE-2021-21045
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper access control vulnerability. An unauthenticated attacker could leverage this vulnerability to elevate privileges in the context of the current user. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.001.30018 (y anteriores) y versiones 2017.011.30188 (y anteriores), están afectadas por una vulnerabilidad de control de acceso inapropiado. Un atacante no autenticado podría aprovechar esta vulnerabilidad para elevar sus privilegios en el contexto del usuario actual • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-284: Improper Access Control •
CVE-2021-21017 – Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-21017
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.001.30018 (y anteriores) y versiones 2017.011.30188 (y anteriores), están afectadas por una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria. Un atacante no autenticado podría aprovechar esta vulnerabilidad para alcanzar una ejecución de código arbitraria en el contexto del usuario actual. • https://github.com/ZeusBox/CVE-2021-21017 https://github.com/tzwlhack/CVE-2021-21017 https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-21060 – Acrobat Pro DC Improper File Parsing Could Lead to Information Disclosure
https://notcve.org/view.php?id=CVE-2021-21060
Adobe Acrobat Pro DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an improper input validation vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Acrobat Pro DC versiones 2020.013.20074 (y anteriores), versiones 2020.001.30018 (y anteriores) y versiones 2017.011.30188 (y anteriores), están afectadas por una vulnerabilidad de comprobación inapropiada de entrada. Un atacante no autenticado podría aprovechar esta vulnerabilidad para revelar información confidencial en el contexto del usuario actual. • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-20: Improper Input Validation •
CVE-2021-21033 – Acrobat Reader DC Use-After-Free Vulnerability Could Lead To Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2021-21033
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2020.013.20074 (y anteriores), versiones 2020.001.30018 (y anteriores) y versiones 2017.011.30188 (y anteriores), están afectadas por una vulnerabilidad Uso de la Memoria Previamente Liberada. Un atacante no autenticado podría aprovechar esta vulnerabilidad para alcanzar una ejecución de código arbitraria en el contexto del usuario actual. • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-416: Use After Free •