CVE-2023-29299

Description

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Untrusted Search Path vulnerability that could lead to Application denial-of-service. An attacker could leverage this vulnerability if the default PowerShell Set-ExecutionPolicy is set to Unrestricted, making the attack complexity high. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Related CPE's

aadobeacrobat_dc****continuous***

aadobeacrobat_reader_dc****continuous***

oapplemacos-*******

omicrosoftwindows-*******

aadobeacrobat****classic***

aadobeacrobat_reader****classic***

oapplemacos-*******

aadobeacrobat****classic***

aadobeacrobat_reader****classic***

omicrosoftwindows-*******

References

https://helpx.adobe.com/security/products/acrobat/apsb23-30.html

Release NotesVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io