Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/acrobat/apsb20-67.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-11-05 12:15
Updated : 2021-09-08 10:22
NVD link : CVE-2020-24431
Mitre link : CVE-2020-24431
JSON object : View
CWE
CWE-285
Improper Authorization
Products Affected
microsoft
- windows
adobe
- acrobat
- acrobat_reader_dc
- acrobat_reader
- acrobat_dc
apple
- macos