First published: Thu Nov 16 2023(Updated: )
Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|Affected Software||Affected Version||How to fix|
|Adobe Acrobat Dc||>=15.008.20082<23.006.20380|
|Adobe Acrobat Reader DC||>=15.008.20082<23.006.20380|
|Adobe Acrobat Reader||>=20.001.30005<20.005.30539|
The vulnerability ID for this Adobe Acrobat Reader vulnerability is CVE-2023-44359.
The title of this vulnerability is ZDI-CAN-21936: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability.
Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by this vulnerability.
The severity of CVE-2023-44359 is high with a CVSS score of 7.8.
To fix the Adobe Acrobat Reader vulnerability, update to the latest version of Adobe Acrobat Reader.