Summary
| Detail | |||
|---|---|---|---|
| Vendor | Adobe | First view | 2014-09-17 |
| Product | Acrobat Reader Dc | Last view | 2024-02-15 |
| Version | 15.006.30456 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | classic | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:adobe:acrobat_reader_dc | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2024-02-15 | CVE-2024-20749 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-02-15 | CVE-2024-20748 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-02-15 | CVE-2024-20747 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-02-15 | CVE-2024-20736 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-02-15 | CVE-2024-20735 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-02-15 | CVE-2024-20734 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-02-15 | CVE-2024-20733 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an Improper Input Validation vulnerability that could lead to an application denial-of-service. An attacker could leverage this vulnerability to cause the application to crash, resulting in a denial of service. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-02-15 | CVE-2024-20731 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-02-15 | CVE-2024-20730 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-02-15 | CVE-2024-20729 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-02-15 | CVE-2024-20728 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-02-15 | CVE-2024-20727 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-02-15 | CVE-2024-20726 | Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2023-11-16 | CVE-2023-44372 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2023-11-16 | CVE-2023-44371 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2023-11-16 | CVE-2023-44367 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2023-11-16 | CVE-2023-44366 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2023-11-16 | CVE-2023-44365 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2023-11-16 | CVE-2023-44361 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2023-11-16 | CVE-2023-44360 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2023-11-16 | CVE-2023-44359 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2023-11-16 | CVE-2023-44358 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2023-11-16 | CVE-2023-44357 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2023-11-16 | CVE-2023-44356 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2023-11-16 | CVE-2023-44348 | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 30% (469) | CWE-125 | Out-of-bounds Read |
| 24% (378) | CWE-416 | Use After Free |
| 20% (316) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 13% (214) | CWE-787 | Out-of-bounds Write |
| 1% (30) | CWE-200 | Information Exposure |
| 1% (25) | CWE-476 | NULL Pointer Dereference |
| 1% (18) | CWE-190 | Integer Overflow or Wraparound |
| 0% (13) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (12) | CWE-20 | Improper Input Validation |
| 0% (10) | CWE-284 | Access Control (Authorization) Issues |
| 0% (8) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 0% (7) | CWE-772 | Missing Release of Resource after Effective Lifetime |
| 0% (6) | CWE-427 | Uncontrolled Search Path Element |
| 0% (6) | CWE-415 | Double Free |
| 0% (6) | CWE-122 | Heap-based Buffer Overflow |
| 0% (4) | CWE-269 | Improper Privilege Management |
| 0% (4) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (3) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 0% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 0% (3) | CWE-347 | Improper Verification of Cryptographic Signature |
| 0% (3) | CWE-121 | Stack-based Buffer Overflow |
| 0% (2) | CWE-379 | Creation of Temporary File in Directory with Incorrect Permissions |
| 0% (2) | CWE-362 | Race Condition |
| 0% (2) | CWE-353 | Failure to Add Integrity Check Value |
| 0% (2) | CWE-254 | Security Features |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0151 | Multiple Vulnerabilities in Adobe Reader and Acrobat Severity: Category I - VMSKEY: V0061075 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-07-07 | Adobe Reader custom JavaScript field use-after-free attempt RuleID : 54190 - Type : FILE-PDF - Revision : 1 |
| 2020-07-07 | Adobe Reader custom JavaScript field use-after-free attempt RuleID : 54189 - Type : FILE-PDF - Revision : 1 |
| 2020-12-05 | TRUFFLEHUNTER TALOS-2020-1031 attack attempt RuleID : 53564 - Type : FILE-PDF - Revision : 2 |
| 2020-12-05 | TRUFFLEHUNTER TALOS-2020-1031 attack attempt RuleID : 53563 - Type : FILE-PDF - Revision : 3 |
| 2020-12-05 | TRUFFLEHUNTER TALOS-2020-1028 attack attempt RuleID : 53486 - Type : FILE-PDF - Revision : 2 |
| 2020-12-05 | TRUFFLEHUNTER TALOS-2020-1028 attack attempt RuleID : 53485 - Type : FILE-PDF - Revision : 2 |
| 2020-03-24 | Adobe Acrobat CTextWidget memory corruption attempt RuleID : 53149 - Type : FILE-PDF - Revision : 1 |
| 2020-03-24 | Adobe Acrobat CTextWidget memory corruption attempt RuleID : 53148 - Type : FILE-PDF - Revision : 1 |
| 2020-01-07 | Adobe Acrobat and Reader crafted .joboptions file download attempt RuleID : 52383 - Type : FILE-OTHER - Revision : 1 |
| 2019-12-03 | Adobe Acrobat Reader JP2 image stream parsing double free attempt RuleID : 52041 - Type : FILE-PDF - Revision : 1 |
| 2019-12-03 | Adobe Acrobat Reader JP2 image stream parsing double free attempt RuleID : 52040 - Type : FILE-PDF - Revision : 1 |
| 2019-10-01 | Adobe Acrobat XPS TTF cmap out-of-bounds read attempt RuleID : 51380 - Type : FILE-OTHER - Revision : 1 |
| 2019-10-01 | Adobe Acrobat XPS TTF cmap out-of-bounds read attempt RuleID : 51379 - Type : FILE-OTHER - Revision : 1 |
| 2019-08-27 | Schneider Electric Quantum modicon ethernet module unauthenticated password r... RuleID : 50779 - Type : SERVER-WEBAPP - Revision : 1 |
| 2019-07-16 | Adobe Acrobat double free attempt RuleID : 50449 - Type : FILE-PDF - Revision : 1 |
| 2019-07-16 | Adobe Acrobat double free attempt RuleID : 50448 - Type : FILE-PDF - Revision : 1 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50444 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50443 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50442 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50441 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-04 | Adobe Acrobat execCalculate use after free attempt RuleID : 50298 - Type : FILE-PDF - Revision : 2 |
| 2019-07-04 | Adobe Acrobat execCalculate use after free attempt RuleID : 50297 - Type : FILE-PDF - Revision : 2 |
| 2019-07-02 | Adobe Acrobat out-of-bounds read attempt RuleID : 50272 - Type : FILE-PDF - Revision : 1 |
| 2019-07-02 | Adobe Acrobat out-of-bounds read attempt RuleID : 50271 - Type : FILE-PDF - Revision : 1 |
| 2019-07-02 | Adobe Acrobat out-of-bounds read attempt RuleID : 50257 - Type : FILE-OTHER - Revision : 1 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-04 | Name: The version of Adobe Reader installed on the remote macOS host is affected by... File: macosx_adobe_reader_apsb19-02.nasl - Type: ACT_GATHER_INFO |
| 2019-01-04 | Name: The version of Adobe Acrobat installed on the remote macOS host is affected b... File: macosx_adobe_acrobat_apsb19-02.nasl - Type: ACT_GATHER_INFO |
| 2019-01-04 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb19-02.nasl - Type: ACT_GATHER_INFO |
| 2019-01-04 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb19-02.nasl - Type: ACT_GATHER_INFO |
| 2018-12-14 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb18-41.nasl - Type: ACT_GATHER_INFO |
| 2018-12-14 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb18-41.nasl - Type: ACT_GATHER_INFO |
| 2018-12-14 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb18-41.nasl - Type: ACT_GATHER_INFO |
| 2018-12-14 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb18-41.nasl - Type: ACT_GATHER_INFO |
| 2018-11-14 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb18-40.nasl - Type: ACT_GATHER_INFO |
| 2018-11-14 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb18-40.nasl - Type: ACT_GATHER_INFO |
| 2018-10-02 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb18-30.nasl - Type: ACT_GATHER_INFO |
| 2018-10-02 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb18-30.nasl - Type: ACT_GATHER_INFO |
| 2018-10-02 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb18-30.nasl - Type: ACT_GATHER_INFO |
| 2018-10-02 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb18-30.nasl - Type: ACT_GATHER_INFO |
| 2018-09-19 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb18-34.nasl - Type: ACT_GATHER_INFO |
| 2018-09-19 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb18-34.nasl - Type: ACT_GATHER_INFO |
| 2018-09-19 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb18-34.nasl - Type: ACT_GATHER_INFO |
| 2018-09-19 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb18-34.nasl - Type: ACT_GATHER_INFO |
| 2018-08-16 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb18-29.nasl - Type: ACT_GATHER_INFO |
| 2018-08-16 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb18-29.nasl - Type: ACT_GATHER_INFO |
| 2018-08-16 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb18-29.nasl - Type: ACT_GATHER_INFO |
| 2018-08-16 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb18-29.nasl - Type: ACT_GATHER_INFO |
| 2018-07-12 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb18-21.nasl - Type: ACT_GATHER_INFO |
| 2018-07-12 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb18-21.nasl - Type: ACT_GATHER_INFO |
| 2018-07-12 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb18-21.nasl - Type: ACT_GATHER_INFO |
