CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-28638 – Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28638
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.005.20054 (y anteriores), 2020.004.30005 (y anteriores), y 2017.011.30197 (y anteriores), están afectadas por una vulnerabilidad de desbordamiento de búfer en la región Heap de la memoria. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/acrobat/apsb21-51.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-28562 – Adobe Acrobat Reader use-after-free could lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-28562
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability when executing search queries through Javascript. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader versiones DC 2021.001.20150 (y anteriores), versiones 2020.001.30020 (y anteriores) y versiones 2017.011.30194 (y anteriores), están afectadas por una vulnerabilidad de Uso de la Memoria Previamente Liberada cuando se ejecutan consultas de búsqueda mediante Javascript. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/acrobat/apsb21-29.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 2%CPEs: 10EXPL: 0CVE-2021-28554 – Adobe Acrobat Reader DC Path Parsing Out-Of-Bounds Read could lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-28554
Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20155 (y anteriores), versiones 2020.001.30025 (y anteriores) y versiones 2017.011.30196 (y anteriores), están afectadas por una vulnerabilidad de Lectura Fuera de Límites. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/acrobat/apsb21-29.html https://helpx.adobe.com/security/products/acrobat/apsb21-37.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-28552 – Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28552
Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20155 (y anteriores), versiones 2020.001.30025 (y anteriores) y versiones 2017.011.30196 (y anteriores), están afectadas por una vulnerabilidad de Uso de la Memoria Previamente Liberada. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/acrobat/apsb21-29.html https://helpx.adobe.com/security/products/acrobat/apsb21-37.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2021-28631 – Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-28631
Acrobat Reader DC versions versions 2021.001.20155 (and earlier), 2020.001.30025 (and earlier) and 2017.011.30196 (and earlier) are affected by an Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2021.001.20155 (y anteriores), versiones 2020.001.30025 (y anteriores) y versiones 2017.011.30196 (y anteriores), están afectadas por una vulnerabilidad de Uso de la Memoria previamente Liberada. Un atacante no autenticado podría aprovechar esta vulnerabilidad para lograr una ejecución de código arbitrario en el contexto del usuario actual. • https://helpx.adobe.com/security/products/acrobat/apsb21-37.html • CWE-416: Use After Free •