virus logo Intrusion Prevention

Adobe.Acrobat.CVE-2023-21608.Use.After.Free

description-logoDescription

This indicates an attack attempt to exploit a Use After Free vulnerability in Adobe Acrobat.
The vulnerability is due to the use of previously freed memory. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application via a crafted PDF file.

affected-products-logoAffected Products

Adobe Acrobat DC Continuous for Windows 2017.011.30161
Adobe Acrobat DC Continuous for Macintosh 2017.011.30161
Adobe Acrobat Reader DC Continuous for Windows 2017.011.30161
Adobe Acrobat Reader DC Continuous for Macintosh 2017.011.30161
Adobe Acrobat DC Classic for Windows 2015.006.30512
Adobe Acrobat DC Classic for Macintosh 2015.006.30512
Adobe Acrobat Reader DC Classic for Windows 2015.006.30512
Adobe Acrobat Reader DC Classic for Macintosh 2015.006.30512

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://helpx.adobe.com/security/products/acrobat/apsb22-03.html

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-06-24 28.813 Name:Adobe.
Acrobat.
Reader.
CVE-2023-21608.
Use.
After.
Free:Adobe.
Acrobat.
CVE-2023-21608.
Use.
After.
Free
2024-01-03 26.707 Sig Added
2023-01-19 22.480 Default_action:pass:drop
2023-01-10 22.472

References

https://helpx.adobe.com/security/products/acrobat/apsb22-03.html
ID 52504
Created Jan 10, 2023
Updated Jun 21, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2023-21608
Known Exploited Yes
Exploit Prediction Score 1.1%
Default Action drop
Active
Affected OS Windows, MacOS
Affected App Adobe