Vulnerabilities > Adobe > Acrobat Reader DC > 20.012.20048

DATE CVE VULNERABILITY TITLE RISK
2020-11-05 CVE-2020-24431 Improper Authorization vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process.
network
adobe CWE-285
5.8
5.8
2020-11-05 CVE-2020-24430 Use After Free vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript.
network
adobe CWE-416
6.8
6.8
2020-11-05 CVE-2020-24429 Improper Verification of Cryptographic Signature vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation.
network
adobe CWE-347
6.8
6.8
2020-11-05 CVE-2020-24428 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation.
network
high complexity
adobe CWE-367
5.1
5.1
2020-11-05 CVE-2020-24427 Improper Input Validation vulnerability in Adobe products
Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory.
network
adobe CWE-20
4.3
4.3
2020-11-05 CVE-2020-24426 Out-of-bounds Read vulnerability in Adobe products
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.
network
adobe CWE-125
4.3
4.3