Adobe Reader arbitrary code execution vulnerability (CVE-2021-28550)

Adobe has released security updates to address  Out-of-Bounds Read, Out-of-Bounds Write, Type Confusion, use-after-free and Heap Overflow vulnerabilities. Among the vulnerabilities patched by Adobe, CVE-2021-28550 is a zero-day that needs immediate attention. CVE-2021-28550 is a Remote Code Execution vulnerability impacting Adobe Acrobat and Reader, and is being actively exploited in the wild on Windows devices. … Continue reading “Adobe Reader arbitrary code execution vulnerability (CVE-2021-28550)”

Adobe Reader Double Free Vulnerability : CVE-2018-4990

A double free vulnerability in Adobe Reader was disclosed. CVE-2018-4990 has been assigned to track this vulnerability. Upon successful exploitation an attacker can achieve arbitrary code execution. The vulnerability has been exploited in the wild via crafted pdf document. Adobe has released APSB18-09 to address this vulnerability. Please check the advisory for the list of affected … Continue reading “Adobe Reader Double Free Vulnerability : CVE-2018-4990”