Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
| Link | Resource |
|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb25-14.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
28 Apr 2025, 16:48
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://helpx.adobe.com/security/products/acrobat/apsb25-14.html - Vendor Advisory | |
| First Time |
Adobe acrobat Reader
Adobe acrobat Reader Dc Adobe Adobe acrobat Microsoft windows Apple macos Apple Adobe acrobat Dc Microsoft |
|
| CPE | cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:* cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:* cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:* cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:* |
11 Mar 2025, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-11 18:15
Updated : 2025-04-28 16:48
NVD link : CVE-2025-24431
Mitre link : CVE-2025-24431
JSON object : View
Products Affected
adobe
- acrobat_dc
- acrobat
- acrobat_reader
- acrobat_reader_dc
apple
- macos
microsoft
- windows
CWE
CWE-125
Out-of-bounds Read