CVE-2023-44340
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-44340 is a newly disclosed vulnerability affecting Adobe Acrobat Reader versions 23.006.20360 and earlier, as well as 20.005.30524 and earlier. This issue represents an out-of-bounds read vulnerability, which means that an attacker can read data beyond the intended boundaries of a memory buffer. The ramifications of this vulnerability are significant, as it may result in the disclosure of sensitive memory. Attackers could potentially employ this flaw to bypass Address Space Layout Randomization (ASLR) mitigations. Notably, exploitation of this vulnerability necessitates user interaction, as a victim must open a maliciously crafted file to fall prey to an attack.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Acrobat DC
- Adobe Acrobat Reader
- Adobe Acrobat
- Adobe Acrobat Reader DC
Affected Vendors
- Adobe