PT-2024-1410 · Adobe · Acrobat Reader

Hao Li

Published

2024-01-11

Updated

2024-01-23

CVE-2024-20721

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier

Description The issue is related to insufficient input validation, which can be exploited by an unauthenticated attacker to cause an application denial-of-service in the context of the current user. Exploitation requires user interaction, specifically opening a malicious file.

Recommendations For versions 120.0.2210.91 and earlier, consider updating to a version that includes a fix for the improper input validation issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2024-00881

CVE-2024-20721

Affected Products

Acrobat Reader

PT-2024-1410 · Adobe · Acrobat Reader

CVE-2024-20721

Weakness Enumeration

Related Identifiers

Affected Products

References · 9