CVE-2020-9595

MEDIUM

Adobe Acrobat and Reader DC < 2020.006.20042 - Information Disclosure via Invalid Memory Access

Title source: llm

Description

Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability. Successful exploitation could lead to information disclosure.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://helpx.adobe.com/security/products/acrobat/apsb20-24.html

Scores

CVSS v3 5.5

EPSS 0.0281

EPSS Percentile 84.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-119

Status published

Products (4)

adobe/acrobat_dc 15.006.30060 - 15.006.30518

adobe/acrobat_dc 15.008.20082 - 20.006.20042

adobe/acrobat_reader_dc 15.006.30060 - 15.006.30518

adobe/acrobat_reader_dc 15.008.20082 - 20.006.20042

Published Jun 25, 2020

Tracked Since Feb 18, 2026