CVE-2020-29075
Description
Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.919
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-29075 are fixed in Adobe Acrobat Reader DC (Continuous Track) update - All languages (20.013.20074) (APSB20-75) | Windows |
| Vulnerabilities CVE-2020-29075 are fixed in Adobe Acrobat 2020 (Classic Track) (20.001.30018) (APSB20-75) | Windows |
| Vulnerabilities CVE-2020-29075 are fixed in Adobe Acrobat 2017 Pro and Standard (Acrobat 2017 Track) update - All languages (17.011.30188) (APSB20-75) | Windows |
| Vulnerabilities CVE-2020-29075 are fixed in Adobe Acrobat Reader 2017 MUI (Classic Track) (17.011.30188) (APSB20-75) | Windows |
| Vulnerabilities CVE-2020-29075 are fixed in Adobe Acrobat Reader MUI DC (Continuous Track) update - All languages (20.013.20074) (APSB20-75) | Windows |
| Vulnerabilities CVE-2020-29075 are fixed in Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (20.013.20074) (APSB20-75) | Windows |
| Vulnerabilities CVE-2020-29075 are fixed in Adobe Acrobat Reader 2020 MUI (Classic Track) (20.001.30018) (APSB20-75) | Windows |
| Vulnerabilities CVE-2020-29075 are affected in Adobe Acrobat DC for MAC 20.013.20066 | Mac |
| Vulnerabilities CVE-2020-29075 are affected in Adobe Acrobat Reader DC for MAC 20.013.20066 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-317408 | Adobe Acrobat Reader DC (Continuous Track) update - All languages (20.013.20074) (APSB20-75) |
| PATCH-317433 | Adobe Acrobat 2020 (Classic Track) (20.001.30018) (APSB20-75) |
| PATCH-317405 | Adobe Acrobat 2017 Pro and Standard (Acrobat 2017 Track) update - All languages (17.011.30188) (APSB20-75) |
| PATCH-317407 | Adobe Acrobat Reader 2017 MUI (Classic Track) (17.011.30188) (APSB20-75) |
| PATCH-317409 | Adobe Acrobat Reader MUI DC (Continuous Track) update - All languages (20.013.20074) (APSB20-75) |
| PATCH-317406 | Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (20.013.20074) (APSB20-75) |
| PATCH-317434 | Adobe Acrobat Reader 2020 MUI (Classic Track) (20.001.30018) (APSB20-75) |
| PATCH-611991 | Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only) |
| PATCH-611989 | Adobe Acrobat Reader DC for MAC (25.001.20693)(Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234