CVE-2021-39857
Last modified
CVE-2021-39857 is a vulnerability of currently unknown severity. Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to check for existence of local files. EPSS estimates a 2.44% chance of exploitation in the next 30 days.
Description
Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to check for existence of local files. Exploitation of this issue requires user interaction in that a victim must visit an attacker controlled web page.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | >= 17.011.30059, <= 17.011.30199 |
| Adobe | Acrobat Reader | >= 17.011.30059, <= 17.011.30199 |
| Adobe | Acrobat | >= 20.001.30005, <= 20.004.30006 |
| Adobe | Acrobat Reader | >= 20.001.30005, <= 20.004.30006 |
| Adobe | Acrobat Dc | >= 15.008.20082, <= 21.005.20058 |
| Adobe | Acrobat Reader Dc | >= 15.008.20082, <= 21.005.20058 |
| Adobe | Acrobat Dc | >= 15.008.20082, <= 21.005.20060 |
| Adobe | Acrobat Reader Dc | >= 15.008.20082, <= 21.005.20060 |
References
- https://helpx.adobe.com/security/products/acrobat/apsb21-55.htmlRelease Notes, Vendor Advisory
- https://helpx.adobe.com/security/products/acrobat/apsb21-55.htmlRelease Notes, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-39857?
How severe is CVE-2021-39857?
How do I fix CVE-2021-39857?
Are you affected by CVE-2021-39857?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST