Adobe.Acrobat.and.Reader.JS.Field.Name.Out.of.Bounds.Read
Description
This indicates an attack attempt to exploit an Out of Bounds Read Vulnerability in Adobe Systems Acrobat Reader DC (Continuous).
This vulnerability is due to improper handling of Field Name in the Javascript. A remote attacker can exploit the vulnerability by enticing a target user into opening a crafted PDF document. Successful exploitation of this vulnerability would result in information disclosure and in the worst case remote code execution under the security context of the application.
Affected Products
Adobe Systems Acrobat 2015 2015.006.30508 and earlier
Adobe Systems Acrobat 2017 2017.011.30156 and earlier
Adobe Systems Acrobat DC (Continuous) 2019.021.20061 and earlier
Adobe Systems Acrobat Reader 2015 2015.006.30508 and earlier
Adobe Systems Acrobat Reader 2017 2017.011.30156 and earlier
Adobe Systems Acrobat Reader DC (Continuous) 2019.021.20061 and earlier versions
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |