7.5

CVE-2020-3756

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat Dc SwEditionclassic Version >= 15.006.30060 <= 15.006.30508
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat Dc SwEditioncontinuous Version >= 15.008.20082 <= 19.021.20061
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditionclassic Version >= 15.006.30060 <= 15.006.30508
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditioncontinuous Version >= 15.008.20082 <= 19.021.20061
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditionclassic Version >= 17.011.30059 <= 17.011.30156
   ApplemacOS Version-
AdobeAcrobat Dc SwEditionclassic Version >= 17.011.30059 <= 17.011.30156
   MicrosoftWindows Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.2% 0.802
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
Patch
Vendor Advisory