| VID |
50437 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Adobe Reader installed on the remote Windows host is a version prior to 26.001.21411. It is, therefore, affected by a vulnerability.
- Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2026-34621)
* References:
https://helpx.adobe.com/security/products/acrobat/apsb26-43.html
* Platforms Affected:
Adobe Reader versions prior to 26.001.21411
Microsoft Windows Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of Adobe Reader (26.001.21411 or later), as described in the Adobe Security bulletin at https://helpx.adobe.com/security/products/acrobat/apsb26-43.html |
| Related URL |
CVE-2026-34621 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
