CVE-2020-24434

3.3
3.3 / 10
LOW

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Weakness: Out-of-bounds Read

The software reads data past the end, or before the beginning, of the intended buffer.

Published: 2020-11-05

Researcher Credit

Community Advisory

This section is open source, for any additional information that enhances or clarifies the official advisory above.

Improve Advisory

CVE-2020-24434 Exploits

Exploits for CVE-2020-24434 are not publicly available.

Access our inventory of exclusive N-Day CVE Exploits, provided for legal security research and testing purposes. Inquire about our offerings by email: [email protected] (PGP key).

Official CVE References

View references (2)