LOW
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Weakness: Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.
Published: 2020-11-05
Researcher Credit
Community Advisory
This section is open source, for any additional information that enhances or clarifies the official advisory above.
CVE-2020-24434 Exploits
Exploits for CVE-2020-24434 are not publicly available.
Access our inventory of exclusive N-Day CVE Exploits, provided for legal security research and testing purposes. Inquire about our offerings by email: [email protected] (PGP key).