CVE-2020-9715
CVE-2020-9715
In short
Adobe Acrobat and Reader have a use-after-free flaw that allows attackers to run malicious code by crafting a specially designed PDF file. This flaw affects multiple versions and can completely compromise your computer.
Technical detail
Use-after-free vulnerability in Adobe Acrobat/Reader allows remote code execution via maliciously crafted PDF files. The vulnerability exists in memory management where freed objects are accessed, and successful exploitation requires user interaction to open the malicious document.
Summary generated and translated by AI from the official description.
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Adobe · Adobe Acrobat and Readerpublic PoCs found — 3
githubgithub.com/lsw29475/CVE-2020-9715★ 5githubgithub.com/f8al/PoC-CVE-2020-9715★ 1githubgithub.com/wonjunchun/CVE-2020-9715★ 0⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://blog.exodusintel.com/2021/04/20/analysis-of-a-use-after-free-vulnerability-in-adobe-acrobat-reader-dc/https://helpx.adobe.com/security/products/acrobat/apsb20-48.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-9715https://www.zerodayinitiative.com/advisories/ZDI-20-991/