6.8
CVSSv2

CVE-2020-3748

Published: 13/02/2020 Updated: 26/02/2020
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Adobe Acrobat and Reader versions 2019.021.20061 and previous versions, 2017.011.30156 and previous versions, 2017.011.30156 and previous versions, and 2015.006.30508 and previous versions have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Vulnerability Trend

Affected Products

Vendor Product Versions
AdobeAcrobat Dc15.006.30060, 15.006.30094, 15.006.30096, 15.006.30097, 15.006.30119, 15.006.30121, 15.006.30172, 15.006.30173, 15.006.30174, 15.006.30198, 15.006.30201, 15.006.30243, 15.006.30244, 15.006.30279, 15.006.30280, 15.006.30306, 15.006.30352, 15.006.30354, 15.006.30355, 15.006.30392, 15.006.30394, 15.006.30413, 15.006.30416, 15.006.30417, 15.006.30418, 15.006.30434, 15.006.30448, 15.006.30452, 15.006.30456, 15.006.30457, 15.006.30464, 15.006.30475, 15.006.30482, 15.006.30493, 15.006.30495, 15.006.30497, 15.006.30498, 15.006.30504, 15.006.30508, 15.008.20082, 15.009.20069, 15.009.20071, 15.009.20077, 15.009.20079, 15.010.20056, 15.010.20059, 15.010.20060, 15.016.20039, 15.016.20041, 15.016.20045, 15.017.20050, 15.017.20053, 15.020.20039, 15.020.20042, 15.023.20053, 15.023.20056, 15.023.20070, 17.000.0000, 17.009.20044, 17.009.20058, 17.011.30059, 17.011.30065, 17.011.30066, 17.011.30068, 17.011.30070, 17.011.30078, 17.011.30079, 17.011.30080, 17.011.30096, 17.011.30099, 17.011.30102, 17.011.30105, 17.011.30106, 17.011.30110, 17.011.30113, 17.011.30120, 17.011.30127, 17.011.30138, 17.011.30140, 17.011.30142, 17.011.30143, 17.011.30150, 17.011.30152, 17.011.30155, 17.011.30156, 17.012.20093, 17.012.20095, 17.012.20096, 17.012.20098, 18.009.20044, 18.009.20050, 18.011.20038, 18.011.20040, 18.011.20055, 18.011.20058, 18.011.20063, 19.008.20071, 19.008.20074, 19.008.20080, 19.008.20081, 19.010.20064, 19.010.20069, 19.010.20091, 19.010.20098, 19.010.20099, 19.010.20100, 19.012.20034, 19.021.20047, 19.021.20056, 19.021.20058
AdobeAcrobat Reader Dc15.006.30060, 15.006.30094, 15.006.30096, 15.006.30097, 15.006.30119, 15.006.30121, 15.006.30172, 15.006.30173, 15.006.30174, 15.006.30198, 15.006.30201, 15.006.30243, 15.006.30244, 15.006.30279, 15.006.30280, 15.006.30306, 15.006.30352, 15.006.30354, 15.006.30355, 15.006.30392, 15.006.30394, 15.006.30416, 15.006.30417, 15.006.30418, 15.006.30434, 15.006.30448, 15.006.30452, 15.006.30456, 15.006.30457, 15.006.30461, 15.006.30464, 15.006.30475, 15.006.30482, 15.006.30493, 15.006.30495, 15.006.30497, 15.006.30498, 15.006.30504, 15.006.30505, 15.006.30508, 15.008.20082, 15.009.20069, 15.009.20071, 15.009.20077, 15.009.20079, 15.010.20056, 15.010.20059, 15.010.20060, 15.016.20039, 15.016.20041, 15.016.20045, 15.017.20050, 15.017.20053, 15.020.20039, 15.020.20042, 15.023.20053, 15.023.20056, 15.023.20070, 17.000.0000, 17.009.20044, 17.009.20058, 17.011.30059, 17.011.30065, 17.011.30066, 17.011.30068, 17.011.30070, 17.011.30078, 17.011.30079, 17.011.30080, 17.011.30096, 17.011.30099, 17.011.30102, 17.011.30105, 17.011.30106, 17.011.30110, 17.011.30113, 17.011.30120, 17.011.30127, 17.011.30138, 17.011.30140, 17.011.30142, 17.011.30150, 17.011.30152, 17.011.30156, 17.012.20093, 17.012.20095, 17.012.20098, 18.009.20044, 18.009.20050, 18.011.20038, 18.011.20040, 18.011.20055, 18.011.20063, 19.008.20071, 19.008.20074, 19.008.20080, 19.008.20081, 19.010.20064, 19.010.20069, 19.010.20091, 19.010.20098, 19.010.20099, 19.010.20100, 19.012.20034, 19.021.20047, 19.021.20056, 19.021.20058

Vendor Advisories

<!-- version component --> Security update available for Adobe Acrobat and Reader | APSB20-05 Semantic table{width:100%} Semantic table th{border:0px; font-size:13px; font-weight: 300; vertical-align: top; padding-left: 8px; background-color: #EFEFEF;} Semantic table td{border:0px; font-size:13px; font ...

Recent Articles

Adobe Addresses Critical Flash, Framemaker Flaws
Threatpost • Lindsey O'Donnell • 11 Feb 2020

Adobe has released patches addressing a wave of critical flaws in its Framemaker and Flash Player products, which, if exploited, could lead to arbitrary code-execution.
Overall, Adobe stomped out flaws tied to 42 CVEs for its regularly scheduled February updates, with 35 of those flaws being critical in severity. That trumps Adobe’s January security update, which addressed nine vulnerabilities overall, including ones in Adobe Illustrator CC and Adobe Experience Manager.
Adobe Frame...