Vulnerability Change Records for CVE-2021-21042

Change History

Modified Analysis 9/14/2021 2:42:19 PM

Action Type Old Value New Value

CVE Modified by Adobe Systems Incorporated 6/28/2021 9:15:17 AM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
Adobe Systems Incorporated AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Removed CVSS V3.1
Adobe Systems Incorporated AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

								
						
Changed Description
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE Modified by Adobe Systems Incorporated 6/11/2021 2:15:15 PM

Action Type Old Value New Value
Changed Description
Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Reanalysis 5/25/2021 9:19:01 AM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Removed CVSS V3.1
NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

								
						

Modified Analysis 6/03/2021 2:25:42 PM

Action Type Old Value New Value

CPE Deprecation Remap 9/08/2021 1:19:05 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:o:apple:mac_os:-:*:*:*:*:*:*:*
OR
     *cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

CVE Modified by Adobe Systems Incorporated 5/26/2021 9:15:07 PM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
Adobe Systems Incorporated AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Removed CVSS V3.1
Adobe Systems Incorporated AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

								
						
Removed CVSS V3.1 Reason
AV-Applied AV:N due to network vector identified

								
						
Removed CVSS V3.1 Reason
C-Information leaked

								
						
Changed Description
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to locally escalate privileges in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to arbitrary disclosure of information in the memory stack. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Reanalysis 5/25/2021 2:51:33 PM

Action Type Old Value New Value
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Removed CVSS V3.1
NIST AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N