Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Adobe Acrobat Reader AcrobatUtils.scpt Extension OS Command Injection Vulnerability
Vulnerability Description
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution on the host machine in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Adobe Acrobat 操作系统命令注入漏洞
Vulnerability Description
Adobe Acrobat是美国奥多比(Adobe)公司的一套PDF文件编辑和转换工具。 Adobe acrobat DC存在操作系统命令注入漏洞,该漏洞源于输入验证不当。攻击者可利用该漏洞执行任意的操作系统命令,并提高对系统的权限。
CVSS Information
N/A
Vulnerability Type
N/A