Nov. 15, 2023, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-44366.

acrobat acrobat reader adobe adobe acrobat arbitrary code attackers code code execution cvss exploit file font parsing malicious out-of-bounds out-of-bounds write page parsing rating reader remote code remote code execution target vulnerability zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

Information Security Engineers

@ D. E. Shaw Research | New York City

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC

Data Security Architect

@ Accenture Federal Services | Washington, DC

Identity Security Administrator

@ SailPoint | Pune, India