CVE-2021-40730
published 2021-10-15CVE-2021-40730: Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected…
low3.3CVSS 3.0
AVLACLPRNUIRSUCLINAN
Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free that allow a remote attacker to disclose sensitive information on affected installations of of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG2000 images.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | 17.011.30158 – 17.011.30202 | — |
| adobe | acrobat | 20.001.30005 – 20.004.30015 | — |
| adobe | acrobat_dc | 15.008.20082 – 21.007.20095 | — |
| adobe | acrobat_dc | 15.008.20082 – 21.007.20096 | — |
| adobe | acrobat_reader | 17.011.30158 – 17.011.30202 | — |
| adobe | acrobat_reader | 20.001.30005 – 20.004.30015 | — |
| adobe | acrobat_reader | unspecified – 21.007.20095 | — |
| adobe | acrobat_reader_dc | 15.008.20082 – 21.007.20095 | — |
| adobe | acrobat_reader_dc | 15.008.20082 – 21.007.20096 | — |