New Edge T5 MSRC Case [DCMSFT-1081]
CVE-2024-20709

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Acrobat for Edge
Vendor: CVE Published:; 15 January 2024

Summary

Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Version(s)

Acrobat for Edge 0 <= 120.0.2210.91

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 15, 2024
Vulnerability Reserved
Dec 4, 2023