CVE-2021-39860
published 2021-09-29CVE-2021-39860: Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference…
medium5.5CVSS 3.1
AVLACLPRNUIRSUCHINAN
Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to disclose sensitive user memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | 17.011.30059 – 17.011.30199 | — |
| adobe | acrobat | 20.001.30005 – 20.004.30006 | — |
| adobe | acrobat_dc | 15.008.20082 – 21.005.20058 | — |
| adobe | acrobat_dc | 15.008.20082 – 21.005.20060 | — |
| adobe | acrobat_reader | 17.011.30059 – 17.011.30199 | — |
| adobe | acrobat_reader | 20.001.30005 – 20.004.30006 | — |
| adobe | acrobat_reader | unspecified – 2020.004.30006 | — |
| adobe | acrobat_reader_dc | 15.008.20082 – 21.005.20058 | — |
| adobe | acrobat_reader_dc | 15.008.20082 – 21.005.20060 | — |