Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader

Descrição

Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

1. Signature verification bypass vulnerability can be exploited to gain privileges.
2. Heap-based buffer overflow vulnerability can be exploited to execute arbitrary code.
3. Out-of-bounds write vulnerability can be exploited to execute arbitrary code.
4. Signature validation bypass vulnerability can be exploited to gain privileges.
5. Security feature bypass vulnerability can be exploited to obtain sensitive information and cause denial of service.
6. Use-after-free vulnerability can be exploited to execute arbitrary code.
7. Race Condition vulnerability can be exploited to gain privileges.
8. Improper access control vulnerability can be exploited to gain privileges.
9. Out-of-bounds read vulnerability can be exploited to obtain sensitive information.
10. Improper input validation vulnerability can be exploited to obtain sensitive information.
11. Use-after-free vulnerability can be exploited to obtain sensitive information.
12. Improper input validation vulnerability can be exploited to execute arbitrary code.

Comunicados originais

• APSB20-67

Exploração

Public exploits exist for this vulnerability.

Produtos relacionados

• Adobe-Acrobat-Reader-DC-Continuous
• Adobe-Acrobat-DC-Continuous
• Adobe-Acrobat-Reader-2017
• Adobe-Acrobat-2017
• Adobe-Acrobat-Reader-2020
• Adobe-Acrobat-2020

Lista de CVE

• CVE-2020-24429
  critical
• CVE-2020-24435
  critical
• CVE-2020-24436
  critical
• CVE-2020-24439
  warning
• CVE-2020-24431
  warning
• CVE-2020-24437
  critical
• CVE-2020-24428
  critical
• CVE-2020-24433
  critical
• CVE-2020-24434
  warning
• CVE-2020-24427
  warning
• CVE-2020-24426
  warning
• CVE-2020-24430
  critical
• CVE-2020-24438
  warning
• CVE-2020-24432
  critical

Saiba mais

Descubra as estatísticas das vulnerabilidades que se espalham em sua região statistics.securelist.com