Korean
<< Back
VID 50419
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The version of Adobe Acrobat installed on the remote Windows host is a version prior to 20.005.30574 or 23.008.20533. It is, therefore, affected by multiple vulnerabilities.

- Out-of-bounds Write (CWE-787) potentially leading to Arbitrary code execution (CVE-2024-20726, CVE-2024-20727, CVE-2024-20728)
- Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2024-20729, CVE-2024-20731)
- Integer Overflow or Wraparound (CWE-190) potentially leading to Arbitrary code execution (CVE-2024-20730)
- Improper Input Validation (CWE-20) potentially leading to Application denial-of-service (CVE-2024-20733)
- Use After Free (CWE-416) potentially leading to Memory leak (CVE-2024-20734)
- Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2024-20735, CVE-2024-20736, CVE-2024-20747, CVE-2024-20748, CVE-2024-20749)

* References:
https://helpx.adobe.com/security/products/acrobat/apsb24-07.htm

* Platforms Affected:
Adobe Acrobat versions prior to 23.008.20533
Microsoft Windows Any version
Linux Any version
Recommendation Upgrade to the latest version of Adobe Acrobat (23.008.20533 or later), as described in the Adobe Security bulletin at https://helpx.adobe.com/security/products/acrobat/apsb24-07.htm
Related URL CVE-2024-20726,CVE-2024-20729,CVE-2024-20730,CVE-2024-20733,CVE-2024-20734,CVE-2024-20735,CVE-2024-20736,CVE-2024-20747,CVE-2024-20748 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)