Summary
| Detail | |||
|---|---|---|---|
| Vendor | Adobe | First view | 2013-09-12 |
| Product | Acrobat | Last view | 2025-06-10 |
| Version | 11.0.3 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:adobe:acrobat | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2025-06-10 | CVE-2025-43579 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction. |
| 0 | 2025-06-10 | CVE-2025-43578 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-06-10 | CVE-2025-43577 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 0 | 2025-06-10 | CVE-2025-43576 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-06-10 | CVE-2025-43575 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-06-10 | CVE-2025-43574 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-06-10 | CVE-2025-43573 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-06-10 | CVE-2025-43550 | Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-03-11 | CVE-2025-27174 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 0 | 2025-03-11 | CVE-2025-27164 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 0 | 2025-03-11 | CVE-2025-27163 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-03-11 | CVE-2025-27162 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-03-11 | CVE-2025-27161 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-03-11 | CVE-2025-27160 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2025-03-11 | CVE-2025-27159 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 0 | 2025-03-11 | CVE-2025-27158 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2025-03-11 | CVE-2025-24431 | Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-12-19 | CVE-2023-21586 | Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-12-19 | CVE-2022-44520 | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-12-19 | CVE-2022-44519 | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-12-19 | CVE-2022-44518 | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-12-19 | CVE-2022-44517 | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-12-19 | CVE-2022-44516 | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 5.5 | 2024-12-19 | CVE-2022-44515 | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| 7.8 | 2024-12-19 | CVE-2022-44514 | Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (311) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 23% (217) | CWE-416 | Use After Free |
| 17% (168) | CWE-125 | Out-of-bounds Read |
| 8% (81) | CWE-787 | Out-of-bounds Write |
| 3% (32) | CWE-200 | Information Exposure |
| 2% (24) | CWE-284 | Access Control (Authorization) Issues |
| 1% (15) | CWE-476 | NULL Pointer Dereference |
| 1% (12) | CWE-20 | Improper Input Validation |
| 0% (9) | CWE-190 | Integer Overflow or Wraparound |
| 0% (8) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (7) | CWE-772 | Missing Release of Resource after Effective Lifetime |
| 0% (5) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (5) | CWE-122 | Heap-based Buffer Overflow |
| 0% (3) | CWE-427 | Uncontrolled Search Path Element |
| 0% (3) | CWE-399 | Resource Management Errors |
| 0% (3) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
| 0% (3) | CWE-269 | Improper Privilege Management |
| 0% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
| 0% (3) | CWE-189 | Numeric Errors |
| 0% (3) | CWE-121 | Stack-based Buffer Overflow |
| 0% (3) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
| 0% (2) | CWE-379 | Creation of Temporary File in Directory with Incorrect Permissions |
| 0% (2) | CWE-353 | Failure to Add Integrity Check Value |
| 0% (2) | CWE-347 | Improper Verification of Cryptographic Signature |
| 0% (2) | CWE-254 | Security Features |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0151 | Multiple Vulnerabilities in Adobe Reader and Acrobat Severity: Category I - VMSKEY: V0061075 |
| 2014-A-0070 | Multiple Vulnerabilities in Adobe Reader and Acrobat Severity: Category I - VMSKEY: V0050439 |
| 2014-A-0002 | Multiple Vulnerabilities in Adobe Reader and Acrobat Severity: Category I - VMSKEY: V0043407 |
| 2013-A-0186 | Adobe Reader and Acrobat Javascript Security Control Vulnerability Severity: Category II - VMSKEY: V0040754 |
| 2013-A-0169 | Multiple Vulnerabilities in Adobe Reader and Acrobat Severity: Category I - VMSKEY: V0040296 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52466 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52465 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52464 - Type : FILE-PDF - Revision : 1 |
| 2020-01-14 | Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt RuleID : 52463 - Type : FILE-PDF - Revision : 1 |
| 2019-09-24 | Adobe Acrobat Reader RGB color table out of bounds read attempt RuleID : 51163 - Type : FILE-PDF - Revision : 1 |
| 2019-09-24 | Adobe Acrobat Reader RGB color table out of bounds read attempt RuleID : 51162 - Type : FILE-PDF - Revision : 1 |
| 2019-09-17 | Adobe Reader SFNT out of bounds memory read attempt RuleID : 51026 - Type : FILE-PDF - Revision : 1 |
| 2019-09-17 | Adobe Reader SFNT out of bounds memory read attempt RuleID : 51025 - Type : FILE-PDF - Revision : 1 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50444 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50443 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50442 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50441 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49125 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49124 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49123 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49122 - Type : FILE-IMAGE - Revision : 2 |
| 2018-05-01 | Adobe Acrobat Pro JPEG embedded XPS file heap overflow attempt RuleID : 46118 - Type : FILE-OTHER - Revision : 1 |
| 2018-05-01 | Adobe Acrobat Pro JPEG embedded XPS file heap overflow attempt RuleID : 46117 - Type : FILE-OTHER - Revision : 1 |
| 2018-04-27 | Adobe Acrobat EMF malformed Object record out-of-bounds access attempt RuleID : 46054 - Type : FILE-OTHER - Revision : 1 |
| 2018-04-27 | Adobe Acrobat EMF malformed Object record out-of-bounds access attempt RuleID : 46053 - Type : FILE-OTHER - Revision : 1 |
| 2018-04-19 | Adobe Acrobat Pro path element out of bounds memory access attempt RuleID : 45990 - Type : FILE-OTHER - Revision : 1 |
| 2018-04-19 | Adobe Acrobat Pro path element out of bounds memory access attempt RuleID : 45989 - Type : FILE-OTHER - Revision : 1 |
| 2018-04-11 | Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt RuleID : 45869 - Type : FILE-PDF - Revision : 1 |
| 2018-04-11 | Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt RuleID : 45868 - Type : FILE-PDF - Revision : 1 |
| 2018-04-11 | Adobe Acrobat Reader invalid trailer memory corruption attempt RuleID : 45867 - Type : FILE-PDF - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-02-15 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb18-02.nasl - Type: ACT_GATHER_INFO |
| 2018-02-15 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb18-02.nasl - Type: ACT_GATHER_INFO |
| 2018-02-15 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb18-02.nasl - Type: ACT_GATHER_INFO |
| 2018-02-15 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb18-02.nasl - Type: ACT_GATHER_INFO |
| 2017-11-17 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb17-36.nasl - Type: ACT_GATHER_INFO |
| 2017-11-17 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb17-36.nasl - Type: ACT_GATHER_INFO |
| 2017-11-16 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb17-36.nasl - Type: ACT_GATHER_INFO |
| 2017-11-16 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb17-36.nasl - Type: ACT_GATHER_INFO |
| 2017-11-06 | Name: The remote Debian host is missing a security update. File: debian_DLA-1161.nasl - Type: ACT_GATHER_INFO |
| 2017-08-11 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-08-11 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-08-11 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-08-11 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Acrobat installed on the remote macOS or Mac OS X host i... File: macosx_adobe_acrobat_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Reader installed on the remote macOS or Mac OS X host is... File: macosx_adobe_reader_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Reader installed on the remote macOS or Mac OS X host is... File: macosx_adobe_reader_apsb16-33.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Acrobat installed on the remote macOS or Mac OS X host i... File: macosx_adobe_acrobat_apsb16-33.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb16-33.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb16-33.nasl - Type: ACT_GATHER_INFO |
