CVE-2020-9612 – Adobe Acrobat Reader DC JPEG2000 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-9612
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2020.006.20042 y anteriores, versiones 2017.011.30166 y anteriores, versiones 2017.011.30166 y anteriores, y versiones 2015.006.30518 y anteriores, presentan una vulnerabilidad de desbordamiento de la pila. Una explotación con éxito podría conllevar a una ejecución de código arbitraria This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 images. • https://helpx.adobe.com/security/products/acrobat/apsb20-24.html • CWE-787: Out-of-bounds Write •
CVE-2020-9597 – Adobe Acrobat Reader DC JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-9597
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2020.006.20042 y anteriores, versiones 2017.011.30166 y anteriores, versiones 2017.011.30166 y anteriores, y versiones 2015.006.30518 y anteriores, presenta una vulnerabilidad de escritura fuera de límites. Una explotación con éxito podría conllevar a una ejecución de código arbitraria This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG files. • https://helpx.adobe.com/security/products/acrobat/apsb20-24.html • CWE-787: Out-of-bounds Write •
CVE-2020-3803
https://notcve.org/view.php?id=CVE-2020-3803
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. Adobe Acrobat and Reader versiones 2020.006.20034 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2015.006.30510 y anteriores, y versiones 2015.006.30510 y anteriores, presenta una vulnerabilidad de carga de biblioteca no segura (secuestro de dll). Una explotación con éxito podría conllevar a una escalada de privilegios. • https://helpx.adobe.com/security/products/acrobat/apsb20-13.html • CWE-427: Uncontrolled Search Path Element •
CVE-2020-3807
https://notcve.org/view.php?id=CVE-2020-3807
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2020.006.20034 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2015.006.30510 y anteriores, y versiones 2015.006.30510 y anteriores, presenta una vulnerabilidad de desbordamiento de búfer. Una explotación con éxito podría conllevar a una ejecución de código arbitraria. • https://helpx.adobe.com/security/products/acrobat/apsb20-13.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2020-3804
https://notcve.org/view.php?id=CVE-2020-3804
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . Adobe Acrobat and Reader versiones 2020.006.20034 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2017.011.30158 y anteriores, versiones 2015.006.30510 y anteriores, y versiones 2015.006.30510 y anteriores, presenta una vulnerabilidad de lectura fuera de límites. Una explotación con éxito podría conllevar a una divulgación de información. • https://helpx.adobe.com/security/products/acrobat/apsb20-13.html • CWE-125: Out-of-bounds Read •