Acrobat Reader versions 24.002.21005, 24.001.30159, 20.005.30655, 24.003.20054 and earlier are affected by a Type Confusion vulnerability that could result in arbitrary code execution in the context of the current user. This issue occurs when a resource is accessed using a type that is not compatible with the actual object type, leading to a logic error that an attacker could exploit. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
Configurations
No configuration.
History
13 Sep 2024, 14:06
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
13 Sep 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-13 09:15
Updated : 2024-09-13 14:06
NVD link : CVE-2024-45112
Mitre link : CVE-2024-45112
CVE.ORG link : CVE-2024-45112
JSON object : View
Products Affected
No product.
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')