Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/acrobat/apsb21-104.html | Release Notes Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: adobe
Published: 2021-10-12T00:00:00
Updated: 2021-10-15T14:22:14
Reserved: 2021-09-08T00:00:00
Link: CVE-2021-40728
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-15T15:15:08.817
Modified: 2021-10-21T21:14:00.220
Link: CVE-2021-40728
JSON object: View
Redhat Information
No data.
CWE