VDB

CISA-2024-34122

CISA-2024-34122 PUBLISHED CVSS 7.8 HIGH

Reported by adobe · Published July 2, 2024

Acrobat for Edge versions 126.0.2592.68 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Risk Scores

CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
AdobeAcrobat for Edge0
Adobeacrobat0, 0
AdobeAcrobat for Edge0, 0

Timeline

  • Jul 2, 2024 CVE Published
  • Aug 2, 2024 CVE Updated
  • Apr 26, 2026 Security Advisory

References

  • vendor-advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›