Vulnerability Spotlight: Adobe Acrobat DC use-after-free issues could lead to arbitrary code execution | allinfosecnews.com

July 13, 2022, 3:49 p.m. | Jon Munshaw (noreply@blogger.com)

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Cisco Talos recently discovered two use-after-free vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to eventually gain the ability to execute arbitrary code.

Acrobat is one of the most popular PDF reader software options available currently. It includes the ability to read and process JavaScript to give PDFs greater interactivity and customization options for users. This vulnerability exists in the way Acrobat Reader processes JavaScript. …

acrobat adobe adobe acrobat code code execution dc free spotlight use-after-free vulnerabilities vulnerability

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation? 14 hours ago | blog.talosintelligence.com

account blocked court disinformation +8

OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal 1 day, 20 hours ago | blog.talosintelligence.com

cisco cisco talos code confidential +20

Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials 2 days, 20 hours ago | blog.talosintelligence.com

attacks brute brute-force cisco +24

The internet is already scary enough without April Fool’s jokes 1 week ago | blog.talosintelligence.com

april backdoor community internet +7

Vulnerability in some TP-Link routers could lead to factory reset 1 week, 1 day ago | blog.talosintelligence.com

amd directx driver factory +10

April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution 1 week, 2 days ago | blog.talosintelligence.com

april code code execution critical +10

Starry Addax targets human rights defenders in North Africa with new malware 1 week, 2 days ago | blog.talosintelligence.com

activists actor africa cisco +18

There are plenty of ways to improve cybersecurity that don’t involve making workers return to … 2 weeks ago | blog.talosintelligence.com

actions april cybersecurity don +14

CoralRaider targets victims’ data and social media accounts 2 weeks ago | blog.talosintelligence.com

accounts actor calling cisco +14

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Dir-Information Security - Cyber Analytics

@ Marriott International | Bethesda, MD, United States

View on infosec-jobs.com

Security Engineer - Security Operations

@ TravelPerk | Barcelona, Barcelona, Spain

View on infosec-jobs.com

Information Security Mgmt- Risk Assessor

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India

View on infosec-jobs.com

SAP CO Consultant

@ Atos | Istanbul, TR

View on infosec-jobs.com