Multiple vulnerabilities in Adobe Acrobat and Reader



| Updated: 2021-10-13
Risk High
Patch available YES
Number of vulnerabilities 19
CVE-ID CVE-2021-35988
CVE-2021-28638
CVE-2021-28635
CVE-2021-35981
CVE-2021-35983
CVE-2021-28634
CVE-2021-28636
CVE-2021-35984
CVE-2021-35985
CVE-2021-35986
CVE-2021-35987
CVE-2021-28637
CVE-2021-28642
CVE-2021-28639
CVE-2021-28641
CVE-2021-28643
CVE-2021-28640
CVE-2021-28644
CVE-2021-35980
CWE-ID CWE-125
CWE-122
CWE-416
CWE-78
CWE-427
CWE-476
CWE-843
CWE-787
CWE-22
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Adobe Acrobat
Client/Desktop applications / Office applications

Adobe Reader
Client/Desktop applications / Office applications

Vendor Adobe

Security Bulletin

This security bulletin contains information about 19 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU54687

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35988

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Heap-based buffer overflow

EUVDB-ID: #VU54708

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28638

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a heap-based buffer overflow and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU54696

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28635

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU54695

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35981

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU54694

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35983

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Command injection

EUVDB-ID: #VU54714

Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28634

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation. A local user can execute arbitrary OS commands and escalate privileges on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Insecure DLL loading

EUVDB-ID: #VU54713

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28636

CWE-ID: CWE-427 - Uncontrolled Search Path Element

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to the application loads DLL libraries in an insecure manner. A remote attacker can place a specially crafted .dll file on a remote SMB fileshare, trick the victim into opening a file, associated with the vulnerable application, and execute arbitrary code on victim's system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU54711

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35984

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) NULL pointer dereference

EUVDB-ID: #VU54710

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35985

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Type confusion

EUVDB-ID: #VU54698

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35986

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition within the getAnnots method when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a type confusion error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html
http://www.zerodayinitiative.com/advisories/ZDI-21-1145/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU54688

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35987

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds read

EUVDB-ID: #VU54707

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28637

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Out-of-bounds write

EUVDB-ID: #VU54706

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28642

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger an Out-of-bounds write error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU54693

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28639

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU54692

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28641

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Type confusion

EUVDB-ID: #VU54697

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28643

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a type confusion error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU54691

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28640

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system

The vulnerability exists due to a boundary condition when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document, trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Path traversal

EUVDB-ID: #VU54690

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28644

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

The vulnerability exists due to an input validation error when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document and overwrite arbitrary files on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Path traversal

EUVDB-ID: #VU54689

Risk: Medium

CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-35980

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

The vulnerability exists due to an input validation error when processing PDF files. A remote attacker can trick the victim to open a specially crafted PDF document and overwrite arbitrary files on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat: 17.008.30051 - 21.005.20148

Adobe Reader: 21.001.20135 - 2020.013.20074

CPE2.3 External links

http://helpx.adobe.com/security/products/acrobat/apsb21-51.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###