CVE-2021-21034Out-of-bounds Read in Adobe Acrobat Reader

CWE-125Out-of-bounds Read3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
1.3%
top 19.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Adobe Acrobat ReaderAdobe AcrobatAdobe Acrobat DC+1 more
Timeline
PublishedFeb 11
Latest updateMay 24

Description

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally elevate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages5 packages

CVEListV5adobe/acrobat_readerunspecified2020.013.20074+3
NVDadobe/acrobat_reader17.017.011.30188+1
NVDadobe/acrobat_reader_dc20.013.20074
NVDadobe/acrobat17.017.011.30188+1
NVDadobe/acrobat_dc20.013.20074

🔴Vulnerability Details

2
GHSA
GHSA-g2mc-w2j3-ppg6: Acrobat Reader DC versions versions 20202022-05-24
CVEList
Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability2021-02-11
CVE-2021-21034 — Out-of-bounds Read in Adobe | cvebase