Product:

Acrobat

(Adobe)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 1345
Date Id Summary Products Score Patch Annotated
2024-08-14 CVE-2024-39423 Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat, Acrobat_dc, Acrobat_reader, Acrobat_reader_dc 7.8
2024-08-14 CVE-2024-39424 Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat, Acrobat_dc, Acrobat_reader, Acrobat_reader_dc 7.8
2024-08-14 CVE-2024-39425 Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to privilege escalation. Exploitation of this issue require local low-privilege access to the affected system and attack complexity is high. Acrobat, Acrobat_dc, Acrobat_reader, Acrobat_reader_dc 7.0
2024-08-14 CVE-2024-39426 Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat, Acrobat_dc, Acrobat_reader, Acrobat_reader_dc 7.8
2024-08-14 CVE-2024-41831 Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat, Acrobat_dc, Acrobat_reader, Acrobat_reader_dc 7.8
2024-08-14 CVE-2024-41833 Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat, Acrobat_dc, Acrobat_reader, Acrobat_reader_dc 5.5
2024-08-14 CVE-2024-41834 Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Acrobat, Acrobat_dc, Acrobat_reader, Acrobat_reader_dc 5.5
2005-06-15 CVE-2005-1306 The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability." Acrobat, Acrobat_reader 7.5
2012-04-10 CVE-2012-0777 The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Acrobat, Acrobat_reader N/A
2012-01-10 CVE-2011-4370 Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373. Acrobat, Reader 9.8