Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to check for existence of local files. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page.
References
Link | Resource |
---|---|
https://helpx.adobe.com/security/products/acrobat/apsb21-55.html | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
07 Nov 2023, 03:37
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : unknown |
Information
Published : 2021-09-29 16:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-39857
Mitre link : CVE-2021-39857
CVE.ORG link : CVE-2021-39857
JSON object : View
Products Affected
microsoft
- windows
adobe
- acrobat
- acrobat_reader
- acrobat_dc
- acrobat_reader_dc
apple
- macos
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor