virus logo Intrusion Prevention

Adobe.Acrobat.Reader.DC.EScript.api.Thermometer.Use.After.Free

description-logoDescription

This indicates an attack attempt to exploit a Use After Free Vulnerability in Adobe Acrobat Reader DC.
The vulnerability is due to improper handling of Thermometer objects in memory. A remote attacker could exploit this vulnerability by enticing a target user into opening a maliciously crafted PDF document. Successful exploitation could result in the execution of arbitrary code under the security context of the target user.

affected-products-logoAffected Products

Adobe Acrobat DC Continuous for Windows 2017.011.30161
Adobe Acrobat DC Continuous for Macintosh 2017.011.30161
Adobe Acrobat Reader DC Continuous for Windows 2017.011.30161
Adobe Acrobat Reader DC Continuous for Macintosh 2017.011.30161
Adobe Acrobat DC Classic for Windows 2015.006.30512
Adobe Acrobat DC Classic for Macintosh 2015.006.30512
Adobe Acrobat Reader DC Classic for Windows 2015.006.30512
Adobe Acrobat Reader DC Classic for Macintosh 2015.006.30512

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://helpx.adobe.com/security/products/acrobat/apsb21-51.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2021-07-22 18.125 Default_action:pass:drop
2021-07-14 18.120

References

APSB21-51
ID 50565
Created Jul 14, 2021
Updated Jul 21, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2021-28640
Exploit Prediction Score 1.57%
Default Action drop
Active
Affected OS Windows, MacOS
Affected App Adobe