Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code execution

Cisco Talos has disclosed more than 30 vulnerabilities in February, including seven in Adobe Acrobat Reader, one of the most popular PDF editing and reading programs currently available.

Adversaries could exploit these vulnerabilities to trigger the reuse of a previously freed object, thus causing memory corruption and potentially arbitrary code execution on the targeted machine.  

Other potential code execution vulnerabilities are also present in Weston Embedded µC/HTTP-server, a web server component in Weston Embedded's in-house operating system, and in an open-source library that processes several types of potentially sensitive medical tests.

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org. Our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.

Multiple vulnerabilities in Adobe Acrobat Reader 

Discovered by KPC of Cisco Talos. 

Adobe Acrobat Reader contains multiple vulnerabilities that could lead to remote code execution if exploited correctly. Acrobat is known for being one of the most popular PDF readers available and allows users to fill out, edit and share PDFs. 

TALOS-2023-1905 (CVE-2024-20735), TALOS-2023-1908 (CVE-2024-20747) and TALOS-2023-1910 (CVE-2024-20749) are all out-of-bounds read vulnerabilities that could lead to memory corruption, and eventually arbitrary code execution. TALOS-2023-1909 ..
