CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20709 – New Edge T5 MSRC Case [DCMSFT-1081]
https://notcve.org/view.php?id=CVE-2024-20709
15 Jan 2024 — Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 120.0.2210.91 y anteriores de Acrobat Reader T5 (MSFT Edge) se ven afectadas por una vulnerabilidad de validación de entrada incorrec... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20709 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-20721 – T5 Acrobat JS vulnerability - Exploitable crash via t5::javascript::get_page_num_words
https://notcve.org/view.php?id=CVE-2024-20721
15 Jan 2024 — Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 120.0.2210.91 y anteriores de Acrobat Reader T5 (MSFT Edge) se ven afectadas por una vulnerabilidad de validación de entrada incorrec... • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20721 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-40723 – Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-40723
07 Sep 2023 — Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2020.013.20074 (y anteriores), 2020.001.30018 (y anteriores) y 2017.011.30188 (y anteri... • https://helpx.adobe.com/security/products/acrobat/apsb21-09.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24436 – Acrobat Pro DC PDF Export Out-Of-Bounds Write Vulnerability Could Lead to Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2020-24436
05 Nov 2020 — Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit in that the victim must open a malicious document. Acrobat Pro DC versiones 2020.012.20048 (y anteriores), 2020.0... • https://helpx.adobe.com/security/products/acrobat/apsb20-67.html • CWE-787: Out-of-bounds Write •
CVSS: 2.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24439 – Acrobat Reader DC for macOS Signature Validation Bypass
https://notcve.org/view.php?id=CVE-2020-24439
05 Nov 2020 — Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process. Acrobat Reader DC para macOS versiones 2020.012.20048 (y anteriores), 2020.001.30005 (y anteriores) y 2017.011.30175 (y anteriores) están afectados por una omisión de la característica de seguridad... • https://helpx.adobe.com/security/products/acrobat/apsb20-67.html • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24433 – Adobe Acrobat Reader DC Local Privilege Escalation via Installer Component
https://notcve.org/view.php?id=CVE-2020-24433
05 Nov 2020 — Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary code as SYSTEM. Exploitation of this issue requires an attacker to socially engineer a victim, or the attacker must already have some access to the environment. Adobe Acrobat Reader DC versiones 2020.012.20048 ... • https://helpx.adobe.com/security/products/acrobat/apsb20-67.html • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24438 – Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Information Disclosure
https://notcve.org/view.php?id=CVE-2020-24438
05 Nov 2020 — Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2020.012.20048 (y anteriores), 2020.001.30005 (y anteriores) y 2017.011.30175 (y anteriores) están afectadas por una vulnerabilidad de uso de la memoria previamente liberada qu... • https://helpx.adobe.com/security/products/acrobat/apsb20-67.html • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24434 – Acrobat Pro DC Out-Of-Bounds Read Vulnerability Could Lead to Information Disclosure
https://notcve.org/view.php?id=CVE-2020-24434
05 Nov 2020 — Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat Reader DC versiones 2020.012.20048 (y anteriores), 2020.001.30005 (y anteriores) y 2017.011.30175 (y a... • https://helpx.adobe.com/security/products/acrobat/apsb20-67.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 11%CPEs: 8EXPL: 0CVE-2020-24435 – Acrobat Reader DC Heap-based Buffer Overflow Could Lead to Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2020-24435
05 Nov 2020 — Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file in Acrobat Reader. Acrobat Reader DC versiones 2020.012.20048 (y anteriores), 2020.001.30005 (y anteriores) y 2017.011.30175 (y anteri... • https://helpx.adobe.com/security/products/acrobat/apsb20-67.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24432 – Acrobat Reader DC Arbitrary JavaScript Execution in PDF Documents
https://notcve.org/view.php?id=CVE-2020-24432
05 Nov 2020 — Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. To exploit this issue, an attacker must acquire and then modify a certified PDF document that is trusted by the victim. The attacker then needs to convince the victim to open the document. Acr... • https://helpx.adobe.com/security/products/acrobat/apsb20-67.html • CWE-20: Improper Input Validation •