Vulnerabilities in Adobe Readed DC Software

Consolidated summary:

  • ZDI-24-424 & ZDI-24-425: Both vulnerabilities, identified as CVE-2024-30305 and CVE-2024-30303 respectively, have a CVSS score of 7.8 and affect Adobe Acrobat Reader DC. They allow remote code execution due to improper handling of AcroForms. Users must interact with a malicious page or file to trigger the flaw.
  • ZDI-24-427: Identified as CVE-2024-30306 with a CVSS score of 7.8, this vulnerability in Adobe Acrobat Reader DC allows remote code execution through an out-of-bounds read in AcroForms. User interaction is required.
Read more Vulnerabilities in Adobe Readed DC Software