Important Information

On August 12th, 2022, many of Keysight’s Network Test, Network Visibility, & Edge to Core (NAS/formerly Ixia) products will migrate to a new license structure.

CRITICAL: If you perform licensing operations after August 12th, 2022, without upgrading the licensing software to the latest version, licenses may not register properly, and some features may be missing. This could impact testing and result in downtime.

For details, click here.

Strike ID:
E20-11b41
CVSS:
5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
False Positive:
t
Variants:
1
Year:
2020

Description

This strike exploits an out-of-bounds read vulnerability in Adobe Acrobat and Acrobat Reader. The vulnerability is due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure when handling PDF files. An attacker can exploit this vulnerability by creating a specially crafted PDF file and enticing a user to open it. Successful exploitation could lead to information disclosure.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-3744

References

https://talosintelligence.com/vulnerability_reports/TALOS-2019-0959