First published: Thu Nov 16 2023(Updated: )
Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|Affected Software||Affected Version||How to fix|
|Adobe Acrobat Dc||>=15.008.20082<23.006.20380|
|Adobe Acrobat Reader DC||>=15.008.20082<23.006.20380|
|Adobe Acrobat Reader||>=20.001.30005<20.005.30539|
CVE-2023-44356 is a vulnerability in Adobe Acrobat Reader that allows disclosure of sensitive memory through an out-of-bounds read.
Adobe Acrobat Reader versions 23.006.20360 and earlier, as well as 20.005.30524 and earlier, are affected by CVE-2023-44356.
The severity of CVE-2023-44356 is rated as medium with a severity value of 5.5.
An attacker can exploit CVE-2023-44356 to bypass mitigations such as ASLR and disclose sensitive memory.
More information about CVE-2023-44356 can be found at the following reference: https://helpx.adobe.com/security/products/acrobat/apsb23-54.htm