Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not compatible with the actual object type, leading to a logic error that an attacker could exploit. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/acrobat/apsb24-70.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
19 Sep 2024, 14:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:* cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:* cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:* cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:* |
|
First Time |
Adobe acrobat Dc
Apple macos Microsoft Apple Adobe Adobe acrobat Reader Dc Adobe acrobat Reader Adobe acrobat Microsoft windows |
|
References | () https://helpx.adobe.com/security/products/acrobat/apsb24-70.html - Vendor Advisory |
13 Sep 2024, 14:06
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
13 Sep 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-13 09:15
Updated : 2024-09-19 14:56
NVD link : CVE-2024-45112
Mitre link : CVE-2024-45112
CVE.ORG link : CVE-2024-45112
JSON object : View
Products Affected
adobe
- acrobat_dc
- acrobat_reader
- acrobat_reader_dc
- acrobat
microsoft
- windows
apple
- macos
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')