CVE-2021-39843
Adobe Acrobat Reader XObject Out-of-Bound Write Vulnerability
In short
Adobe Acrobat Reader has a memory flaw that allows attackers to run malicious code on your computer if you open a specially crafted PDF file. This happens because the software writes data beyond the intended memory boundaries.
Technical detail
Out-of-bounds write vulnerability in Adobe Acrobat Reader (versions 2021.005.20060 and earlier, 2020.004.30006 and earlier, 2017.011.30199 and earlier) allowing arbitrary code execution with user privileges. Attack vector requires user interaction to open a malicious PDF file, exploiting unsafe memory operations in XObject handling.
Summary generated and translated by AI from the official description.
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Adobe · Acrobat ReaderWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →