CVE-2024-39423

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2024
Updated: Aug 15, 2024
CWE ID 787

Summary

CVE-2024-39423 is a newly disclosed vulnerability that impacts Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, and 24.001.30123, as well as earlier editions. This issue is categorized as an out-of-bounds write vulnerability, which means that data is written outside the intended boundaries of a memory buffer. As a result, attackers could potentially inject arbitrary code, executing it in the context of the current user. To exploit this vulnerability, a victim must first open a specially crafted malicious file.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Adobe Acrobat DC
  • Adobe Acrobat
  • Adobe Acrobat Reader
  • Adobe Acrobat Reader DC

Affected Vendors

  • Adobe