Kaspersky ID:
KLA11991
Detect Date:
11/03/2020
Updated:
01/25/2024

Description

Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Signature verification bypass vulnerability can be exploited to gain privileges.
  2. Heap-based buffer overflow vulnerability can be exploited to execute arbitrary code.
  3. Out-of-bounds write vulnerability can be exploited to execute arbitrary code.
  4. Signature validation bypass vulnerability can be exploited to gain privileges.
  5. Security feature bypass vulnerability can be exploited to obtain sensitive information and cause denial of service.
  6. Use-after-free vulnerability can be exploited to execute arbitrary code.
  7. Race Condition vulnerability can be exploited to gain privileges.
  8. Improper access control vulnerability can be exploited to gain privileges.
  9. Out-of-bounds read vulnerability can be exploited to obtain sensitive information.
  10. Improper input validation vulnerability can be exploited to obtain sensitive information.
  11. Use-after-free vulnerability can be exploited to obtain sensitive information.
  12. Improper input validation vulnerability can be exploited to execute arbitrary code.

Original advisories

Related products

CVE list

  • CVE-2020-24429
    critical
  • CVE-2020-24435
    critical
  • CVE-2020-24436
    critical
  • CVE-2020-24439
    warning
  • CVE-2020-24431
    warning
  • CVE-2020-24437
    critical
  • CVE-2020-24428
    critical
  • CVE-2020-24433
    critical
  • CVE-2020-24434
    warning
  • CVE-2020-24427
    warning
  • CVE-2020-24426
    warning
  • CVE-2020-24430
    critical
  • CVE-2020-24438
    warning
  • CVE-2020-24432
    critical

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.