Intrusion Prevention

Adobe.Acrobat.and.Reader.JS.Field.Name.Out.of.Bounds.Read

Description

This indicates an attack attempt to exploit an Out of Bounds Read Vulnerability in Adobe Systems Acrobat Reader DC (Continuous).
This vulnerability is due to improper handling of Field Name in the Javascript. A remote attacker can exploit the vulnerability by enticing a target user into opening a crafted PDF document. Successful exploitation of this vulnerability would result in information disclosure and in the worst case remote code execution under the security context of the application.

Affected Products

Adobe Systems Acrobat 2015 2015.006.30508 and earlier
Adobe Systems Acrobat 2017 2017.011.30156 and earlier
Adobe Systems Acrobat DC (Continuous) 2019.021.20061 and earlier
Adobe Systems Acrobat Reader 2015 2015.006.30508 and earlier
Adobe Systems Acrobat Reader 2017 2017.011.30156 and earlier
Adobe Systems Acrobat Reader DC (Continuous) 2019.021.20061 and earlier versions

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://helpx.adobe.com/security/products/acrobat/apsb20-05.html

CVE References

CVE-2020-3744