Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader

Descripción

Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

1. Signature verification bypass vulnerability can be exploited to gain privileges.
2. Heap-based buffer overflow vulnerability can be exploited to execute arbitrary code.
3. Out-of-bounds write vulnerability can be exploited to execute arbitrary code.
4. Signature validation bypass vulnerability can be exploited to gain privileges.
5. Security feature bypass vulnerability can be exploited to obtain sensitive information and cause denial of service.
6. Use-after-free vulnerability can be exploited to execute arbitrary code.
7. Race Condition vulnerability can be exploited to gain privileges.
8. Improper access control vulnerability can be exploited to gain privileges.
9. Out-of-bounds read vulnerability can be exploited to obtain sensitive information.
10. Improper input validation vulnerability can be exploited to obtain sensitive information.
11. Use-after-free vulnerability can be exploited to obtain sensitive information.
12. Improper input validation vulnerability can be exploited to execute arbitrary code.

Notas informativas originales

• APSB20-67

Explotación

Public exploits exist for this vulnerability.

Productos relacionados

• Adobe-Acrobat-Reader-DC-Continuous
• Adobe-Acrobat-DC-Continuous
• Adobe-Acrobat-Reader-2017
• Adobe-Acrobat-2017
• Adobe-Acrobat-Reader-2020
• Adobe-Acrobat-2020

Lista CVE

• CVE-2020-24429
  critical
• CVE-2020-24435
  critical
• CVE-2020-24436
  critical
• CVE-2020-24439
  warning
• CVE-2020-24431
  warning
• CVE-2020-24437
  critical
• CVE-2020-24428
  critical
• CVE-2020-24433
  critical
• CVE-2020-24434
  warning
• CVE-2020-24427
  warning
• CVE-2020-24426
  warning
• CVE-2020-24430
  critical
• CVE-2020-24438
  warning
• CVE-2020-24432
  critical

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com