Security News > 2024 > September > Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)
2024-09-12 12:05
Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory points to a need for users to implement the updates quickly, but the fix for CVE-2024-41869 is actually an additional, more complete fix for CVE-2024-39383, which was supposedly addressed with a security update released in August 2024. … More → The post Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/09/12/cve-2024-41869/
Related news
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)
- 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-13 | CVE-2024-45112 | Type Confusion vulnerability in Adobe products Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-09-13 | CVE-2024-41869 | Use After Free vulnerability in Adobe products Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |
| 2024-08-14 | CVE-2024-39383 | Use After Free vulnerability in Adobe products Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. | 7.8 |