Home

CVE-2021-40729

Description

Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file.

Risk Information

Base Score
3.3
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.546

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in Adobe Acrobat DC (Continuous Track) 21.007.20099-continuousWindows
Vulnerabilities CVE-2021-40728,CVE-2021-40729,CVE-2021-40730,CVE-2021-40731 are affected in Adobe Acrobat DC (Continuous Track) 21.001.20155-continuousWindows
Multiple Vulnerabilities are affected in Adobe Acrobat DC for MAC 21.001.20155Mac
Multiple Vulnerabilities are affected in Adobe Acrobat Reader DC for MAC 21.001.20155Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-320762Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (21.005.20060)
PATCH-321886Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (21.007.20099)
PATCH-611991Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only)
PATCH-611989Adobe Acrobat Reader DC for MAC (25.001.20693)(Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234