PT-2023-6416 · Adobe · Acrobat+3

Published 2023-04-11 · Updated 2023-10-11 · CVE-2023-26397

CVSS v3.1 · 5.5 · Medium

Vector · AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Adobe Acrobat versions prior to 23.001.20094
Adobe Acrobat Reader versions 23.001.20093 and earlier
Adobe Acrobat 2020 versions prior to 20.005.30442
Adobe Acrobat Reader 2020 versions 20.005.30441 and earlier

Description

The issue is related to an out-of-bounds read in memory, which could allow a remote attacker to disclose protected information using a specially crafted file. This vulnerability may also enable an attacker to bypass certain mitigations, such as Address Space Layout Randomization (ASLR). Exploitation requires user interaction, where the victim must open a malicious file, potentially leading to a memory leak.

Recommendations

For Adobe Acrobat versions prior to 23.001.20094, update to version 23.001.20094 or later.
For Adobe Acrobat Reader versions 23.001.20093 and earlier, update to version 23.001.20094 or later.
For Adobe Acrobat 2020 versions prior to 20.005.30442, update to version 20.005.30442 or later.
For Adobe Acrobat Reader 2020 versions 20.005.30441 and earlier, update to version 20.005.30442 or later.

Fix

Out of bounds Read


Weakness Enumeration

Related Identifiers

BDU:2023-07132
CVE-2023-26397

Affected Products

Acrobat
Acrobat 2020
Acrobat Reader
Acrobat Reader 2020