CVE-2024-20747

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 20.005.30539 Adobe Acrobat Reader versions prior to 20.005.30539 Adobe Acrobat 2020 versions prior to 20.005.30539 Adobe Reader 2020 versions prior to 20.005.30539 Acrobat Reader versions 20.005.30539 and earlier

Description The issue is related to an out-of-bounds read vulnerability in Adobe Acrobat and Reader, which could lead to disclosure of sensitive memory. This vulnerability can be exploited when a victim opens a malicious file, allowing an attacker to bypass mitigations such as ASLR. The vulnerability is associated with the processing of the CharStrings INDEX parameter of OpenType font formats.

Recommendations For Adobe Acrobat versions prior to 20.005.30539, update to a version later than 20.005.30539. For Adobe Acrobat Reader versions prior to 20.005.30539, update to a version later than 20.005.30539. For Adobe Acrobat 2020 versions prior to 20.005.30539, update to a version later than 20.005.30539. For Adobe Reader 2020 versions prior to 20.005.30539, update to a version later than 20.005.30539. For Acrobat Reader versions 20.005.30539 and earlier, update to a version later than 20.005.30539.