Foxit · Foxit PhantomPDF · CVE-2019-6752
**Name of the Vulnerable Software and Affected Versions**
Foxit PhantomPDF version 9.3.10826
**Description**
This issue allows remote attackers to disclose sensitive information. It requires user interaction, such as visiting a malicious page or opening a malicious file. The flaw exists within the parsing of PDF documents due to the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated object, potentially allowing an attacker to execute code in the context of the current process when combined with other vulnerabilities.
**Recommendations**
Update Foxit PhantomPDF version 9.3.10826 to a version that addresses this issue. As a temporary workaround, consider avoiding the use of the HTML2PDF feature until a patch is available. Restrict access to untrusted PDF documents and HTML pages to minimize the risk of exploitation.