Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2024-20721
HistoryJan 15, 2024 - 1:15 p.m.

CVE-2024-20721

2024-01-1513:15:08
CWE-20
[email protected]
web.nvd.nist.gov
7
acrobat reader
microsoft edge
input validation
vulnerability
application denial-of-service
user interaction
malicious file

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

29.3%

JSON

Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected configurations

Nvd
Node
adobeacrobatRange120.0.2210.91edge
OR
microsoftedge_chromiumRange<120.0.2210.133
VendorProductVersionCPE
adobeacrobat*cpe:2.3:a:adobe:acrobat:*:*:*:*:*:edge:*:*
microsoftedge_chromium*cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*

Related

cve 1
cvelist 1
prion 1
cnvd 1
mscve 1
nessus 2
kaspersky 1
cve
cve
CVE-2024-20721
2024-01-15 13:15:08
cvelist
cvelist
CVE-2024-20721 T5 Acrobat JS vulnerability - Exploitable crash via t5::javascript::get_page_num_words
2024-01-15 12:13:09
prion
prion
Input validation
2024-01-15 13:15:00
cnvd
cnvd
Adobe Acrobat Reader Input Validation Error Vulnerability (CNVD-2024-12461)
2024-03-05 00:00:00
mscve
mscve
Adobe Systems Incorporated: CVE-2024-20721 Improper Input Validation Denial of Service Vulnerability
2024-01-11 08:00:00
nessus
nessus
Microsoft Edge (Chromium) < 120.0.2336.0 Multiple Vulnerabilities
2024-01-11 00:00:00
Microsoft Edge (Chromium) < 120.0.2210.133 Multiple Vulnerabilities
2024-01-18 00:00:00
kaspersky
kaspersky
KLA62929 Multiple vulnerabilities in Microsoft Browser
2024-01-11 00:00:00

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

29.3%

JSON
Related for NVD:CVE-2024-20721
cve1cvelist1prion1cnvd1mscve1nessus2kaspersky1