CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-9606 – Adobe Acrobat Reader DC Field Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-9606
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2020.006.20042 y anteriores, versiones 2017.011.30166 y anteriores, versiones 2017.011.30166 y anteriores, y versiones 2015.006.30518 y anteriores, presentan una vulnerabilidad de uso de la memoria previamente liberada. Una explotación con éxito podría conllevar a una ejecución de código arbitraria This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Field objects. • https://helpx.adobe.com/security/products/acrobat/apsb20-24.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-3803
https://notcve.org/view.php?id=CVE-2020-3803
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. Adobe Acrobat and Reader versiones 2020.006.20034 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2015.006.30510 y anteriores, y versiones 2015.006.30510 y anteriores, presenta una vulnerabilidad de carga de biblioteca no segura (secuestro de dll). Una explotación con éxito podría conllevar a una escalada de privilegios. • https://helpx.adobe.com/security/products/acrobat/apsb20-13.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2020-3807
https://notcve.org/view.php?id=CVE-2020-3807
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2020.006.20034 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2015.006.30510 y anteriores, y versiones 2015.006.30510 y anteriores, presenta una vulnerabilidad de desbordamiento de búfer. Una explotación con éxito podría conllevar a una ejecución de código arbitraria. • https://helpx.adobe.com/security/products/acrobat/apsb20-13.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-3804
https://notcve.org/view.php?id=CVE-2020-3804
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . Adobe Acrobat and Reader versiones 2020.006.20034 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2015.006.30510 y anteriores, y versiones 2015.006.30510 y anteriores, presenta una vulnerabilidad de lectura fuera de límites. Una explotación con éxito podría conllevar a una divulgación de información. • https://helpx.adobe.com/security/products/acrobat/apsb20-13.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-3806
https://notcve.org/view.php?id=CVE-2020-3806
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . Adobe Acrobat and Reader versiones 2020.006.20034 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2015.006.30510 y anteriores, y versiones 2015.006.30510 y anteriores, presenta una vulnerabilidad de lectura fuera de límites. Una explotación con éxito podría conllevar a una divulgación de información. • https://helpx.adobe.com/security/products/acrobat/apsb20-13.html • CWE-125: Out-of-bounds Read •