Rapid7 Vulnerability & Exploit Database

Adobe Acrobat: APSB20-13 (CVE-2020-3803): Security Bulletin for Adobe Acrobat and Reader | APSB20-13

Back to Search

Adobe Acrobat: APSB20-13 (CVE-2020-3803): Security Bulletin for Adobe Acrobat and Reader | APSB20-13

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
03/17/2020
Created
03/20/2020
Added
03/18/2020
Modified
05/13/2020

Description

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

Solution(s)

  • adobe-acrobat-dc-upgrade-15-006-30518-macosx
  • adobe-acrobat-dc-upgrade-15-006-30518-windows
  • adobe-acrobat-dc-upgrade-20-006-20042-macosx
  • adobe-acrobat-dc-upgrade-20-006-20042-windows
  • adobe-acrobat-reader-dc-upgrade-15-006-30518-macosx
  • adobe-acrobat-reader-dc-upgrade-15-006-30518-windows
  • adobe-acrobat-reader-dc-upgrade-20-006-20042-macosx
  • adobe-acrobat-reader-dc-upgrade-20-006-20042-windows
  • adobe-acrobat-reader-upgrade-2017-011-30166-macosx
  • adobe-acrobat-reader-upgrade-2017-011-30166-windows
  • adobe-acrobat-upgrade-2017-011-30166-macosx
  • adobe-acrobat-upgrade-2017-011-30166-windows

References

  • adobe-acrobat-dc-upgrade-15-006-30518-macosx
  • adobe-acrobat-dc-upgrade-15-006-30518-windows
  • adobe-acrobat-dc-upgrade-20-006-20042-macosx
  • adobe-acrobat-dc-upgrade-20-006-20042-windows
  • adobe-acrobat-reader-dc-upgrade-15-006-30518-macosx
  • adobe-acrobat-reader-dc-upgrade-15-006-30518-windows
  • adobe-acrobat-reader-dc-upgrade-20-006-20042-macosx
  • adobe-acrobat-reader-dc-upgrade-20-006-20042-windows
  • adobe-acrobat-reader-upgrade-2017-011-30166-macosx
  • adobe-acrobat-reader-upgrade-2017-011-30166-windows
  • adobe-acrobat-upgrade-2017-011-30166-macosx
  • adobe-acrobat-upgrade-2017-011-30166-windows

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;