CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-28550

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score43.1490%
EPSS Percentile95.69th
Published2021年9月2日
Last Modified2025年10月23日

Vulnerability Description

Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Platforms (CPE)

📦
Adobe

Acrobat Dc

>= 15.008.20082 and <= 21.001.20150
📦
Adobe

Acrobat Reader Dc

>= 15.008.20082 and <= 21.001.20150
📦
Adobe

Acrobat

>= 17.011.30059 and <= 17.011.30194
📦
Adobe

Acrobat

>= 20.001.30005 and <= 20.001.30020
📦
Adobe

Acrobat Reader

>= 17.011.30059 and <= 17.011.30194
📦
Adobe

Acrobat Reader

>= 20.001.30005 and <= 20.001.30020
📦
Adobe

Acrobat Dc

>= 15.008.20082 and <= 21.001.20149
📦
Adobe

Acrobat Reader Dc

>= 15.008.20082 and <= 21.001.20149

References & Advisories

🔗 https://helpx.adobe.com/security/products/acrobat/apsb21-29.html
🔗 https://helpx.adobe.com/security/products/acrobat/apsb21-29.html
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-28550

相關漏洞威脅

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...