CVE-2020-24436

7.8
7.8 / 10
HIGH

Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit in that the victim must open a malicious document.

Weakness: Out-of-bounds Write

The software writes data past the end, or before the beginning, of the intended buffer.

Published: 2020-11-05

Researcher Credit

Community Advisory

This section is open source, for any additional information that enhances or clarifies the official advisory above.

Improve Advisory

CVE-2020-24436 Exploits

Exploits for CVE-2020-24436 are not publicly available.

Access our inventory of exclusive N-Day CVE Exploits, provided for legal security research and testing purposes. Inquire about our offerings by email: [email protected] (PGP key).

Official CVE References

View references (2)