Published: 11/02/2021 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Acrobat Reader DC versions versions 2020.013.20074 (and previous versions), 2020.001.30018 (and previous versions) and 2017.011.30188 (and previous versions) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe acrobat
adobe acrobat_dc
adobe acrobat_reader
adobe acrobat_reader_dc

Researchers find 134 flaws in the way Word, PDFs, handle scripts

The Register • Simon Sharwood, APAC Editor • 01 Jan 1970

Topics Security Off-Prem On-Prem Software Offbeat Vendor Voice Vendor Voice Resources ‘Cooperative mutation’ spots problems that checking scripts alone will miss

Black Hat Asia Security researchers have devised a tool that detects flaws in the way apps like Microsoft Word and Adobe Acrobat process JavaScript, and it's proven so effective they've found 134 bugs – 59 of them considered worthy of a fix by vendors, 33 assigned a CVE number, and 17 producing bug bounty payments totaling $22,000. The tool is named "Cooper" – a reference to the "Cooperative mutation" technique employed by the tool. Speaking at the Black Hat Asia conference in Singapore, PhD...

CVE-2021-21035

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect