CVE-2021-39841

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader DC versions 2017.011.30199 through 2021.005.20060 Adobe Acrobat versions 2017.011.30199 through 2021.005.20060

Description The issue is related to a type confusion vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user. This can be achieved by getting a victim to open a specially crafted PDF file, which requires user interaction. The vulnerability is associated with incompatible types and can allow a remote attacker to execute code.

Recommendations For Adobe Acrobat Reader DC versions 2017.011.30199 through 2021.005.20060, update to a version later than 2021.005.20060 to resolve the issue. For Adobe Acrobat versions 2017.011.30199 through 2021.005.20060, update to a version later than 2021.005.20060 to resolve the issue. As a temporary workaround, consider avoiding the use of incompatible types in PDF files until a patch is available. Restrict access to PDF files from untrusted sources to minimize the risk of exploitation.