VID |
50419 |
Severity |
40 |
Port |
139,445 |
Protocol |
TCP |
Class |
SMB |
Detailed Description |
The version of Adobe Acrobat installed on the remote Windows host is a version prior to 20.005.30574 or 23.008.20533. It is, therefore, affected by multiple vulnerabilities.
- Out-of-bounds Write (CWE-787) potentially leading to Arbitrary code execution (CVE-2024-20726, CVE-2024-20727, CVE-2024-20728) - Use After Free (CWE-416) potentially leading to Arbitrary code execution (CVE-2024-20729, CVE-2024-20731) - Integer Overflow or Wraparound (CWE-190) potentially leading to Arbitrary code execution (CVE-2024-20730) - Improper Input Validation (CWE-20) potentially leading to Application denial-of-service (CVE-2024-20733) - Use After Free (CWE-416) potentially leading to Memory leak (CVE-2024-20734) - Out-of-bounds Read (CWE-125) potentially leading to Memory leak (CVE-2024-20735, CVE-2024-20736, CVE-2024-20747, CVE-2024-20748, CVE-2024-20749)
* References: https://helpx.adobe.com/security/products/acrobat/apsb24-07.htm
* Platforms Affected: Adobe Acrobat versions prior to 23.008.20533 Microsoft Windows Any version Linux Any version |
Recommendation |
Upgrade to the latest version of Adobe Acrobat (23.008.20533 or later), as described in the Adobe Security bulletin at https://helpx.adobe.com/security/products/acrobat/apsb24-07.htm |
Related URL |
CVE-2024-20726,CVE-2024-20729,CVE-2024-20730,CVE-2024-20733,CVE-2024-20734,CVE-2024-20735,CVE-2024-20736,CVE-2024-20747,CVE-2024-20748 (CVE) |
Related URL |
(SecurityFocus) |
Related URL |
(ISS) |
|