Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Metrics
Affected Vendors & Products
References
History
Thu, 15 Aug 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple macos Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:* cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:* cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:* cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple macos Microsoft Microsoft windows |
Wed, 14 Aug 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Adobe
Adobe acrobat Adobe acrobat Dc Adobe acrobat Reader Adobe acrobat Reader Dc |
|
CPEs | cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:*:*:*:*:*:macos:*:* cpe:2.3:a:adobe:acrobat:*:*:*:*:*:windows:*:* cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:macos:*:* cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:*:windows:*:* cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:macos:*:* cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:windows:*:* cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:macos:*:* cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:windows:*:* |
|
Vendors & Products |
Adobe
Adobe acrobat Adobe acrobat Dc Adobe acrobat Reader Adobe acrobat Reader Dc |
|
Metrics |
ssvc
|
Wed, 14 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |
Title | ZDI-CAN-24569: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability | |
Weaknesses | CWE-416 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: adobe
Published: 2024-08-14T15:07:30.307Z
Updated: 2024-08-15T03:56:00.949Z
Reserved: 2024-07-22T17:16:40.932Z
Link: CVE-2024-41831
Vulnrichment
Updated: 2024-08-14T15:55:02.332Z
NVD
Status : Analyzed
Published: 2024-08-14T15:15:28.307
Modified: 2024-08-15T17:17:07.897
Link: CVE-2024-41831
Redhat
No data.