CVE-2024-39383

Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 20.005.30636 through 24.002.20965 and earlier

Description: The issue is related to a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file. This vulnerability is associated with the use of memory after it has been freed, which can allow an attacker to execute arbitrary code by using a specially crafted file.

Recommendations: For Acrobat Reader versions 20.005.30636 and earlier, update to a version later than 24.002.20965 to resolve the issue. For Acrobat Reader versions 24.002.20964 and earlier, update to a version later than 24.002.20965 to resolve the issue. For Acrobat Reader versions 24.002.20965, no specific fix is provided, consider disabling the ability to open malicious files until a patch is available. For Acrobat Reader versions 24.001.30123 and earlier, update to a version later than 24.002.20965 to resolve the issue.