CVE-2020-9609

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 2020.006.20042 Adobe Acrobat Reader versions prior to 2020.006.20042 Adobe Acrobat 2017 versions prior to 2017.011.30166 Adobe Acrobat Reader 2017 versions prior to 2017.011.30166 Adobe Acrobat 2015 versions prior to 2015.006.30518 Adobe Acrobat Reader 2015 versions prior to 2015.006.30518

Description The issue is related to an out-of-bounds read vulnerability and a buffer overflow in dynamic memory. This can be exploited by a remote attacker using a specially crafted PDF file, potentially allowing the execution of arbitrary code in the context of the current user or leading to information disclosure.

Recommendations For Adobe Acrobat and Reader versions 2020.006.20042 and earlier, update to version 2020.006.20042 or later. For Adobe Acrobat 2017 and Reader 2017 versions 2017.011.30166 and earlier, update to version 2017.011.30166 or later. For Adobe Acrobat 2015 and Reader 2015 versions 2015.006.30518 and earlier, update to version 2015.006.30518 or later. As a temporary workaround, consider avoiding the use of vulnerable Adobe Acrobat and Reader versions to open PDF files from untrusted sources until a patch is applied.