Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader

Description

Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. OS command injection vulnerability can be exploited to execute arbitrary code.
2. Use after free vulnerability can be exploited to execute arbitrary code.
3. Information disclosure vulnerability can be exploited to cause denial of service or execute arbitrary code.
4. Code execution vulnerability can be exploited to execute arbitrary code.
5. NULL Pointer Dereference vulnerability can be exploited to dcause denial of service.
6. Out of bounds read vulnerability can be exploited to to gain privileges.
7. Buffer overflow vulnerability can be exploited to execute arbitrary code.
8. Type confusion vulnerability can be exploited to execute arbitrary code.
9. Out of bounds write vulnerability can be exploited to cause denial of service or execute arbitrary code.
10. Out of bounds read vulnerability can be exploited to obtain sensitive information.
11. Type confusion vulnerability can be exploited to cause denial of service

Original advisories

• APSB21-51

Related products

• Adobe-Acrobat-Reader-DC-Continuous
• Adobe-Acrobat-DC-Continuous
• Adobe-Acrobat-Reader-2017
• Adobe-Acrobat-2017
• Adobe-Acrobat-Reader-2020
• Adobe-Acrobat-2020

CVE list

• CVE-2021-28634
  unknown
• CVE-2021-28639
  unknown
• CVE-2021-28644
  unknown
• CVE-2021-28636
  unknown
• CVE-2021-35980
  unknown
• CVE-2021-35983
  unknown
• CVE-2021-35985
  unknown
• CVE-2021-35988
  unknown
• CVE-2021-35981
  unknown
• CVE-2021-28638
  unknown
• CVE-2021-35987
  unknown
• CVE-2021-35984
  unknown
• CVE-2021-28641
  unknown
• CVE-2021-28635
  unknown
• CVE-2021-28640
  unknown
• CVE-2021-28643
  unknown
• CVE-2021-28642
  unknown
• CVE-2021-28637
  unknown
• CVE-2021-35986
  unknown

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com