Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Adobe Acrobat Reader Missing Custom Protocols in Warning Message Prompts
Vulnerability Description
Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a Violation of Secure Design Principles that could lead to a Security feature bypass. Acrobat Reader DC displays a warning message when a user clicks on a PDF file, which could be used by an attacker to mislead the user. In affected versions, this warning message does not include custom protocols when used by the sender. User interaction is required to abuse this vulnerability as they would need to click 'allow' on the warning message of a malicious file.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Vulnerability Type
违背安全设计原则
Vulnerability Title
Adobe Acrobat and Reader DC 安全漏洞
Vulnerability Description
Adobe Acrobat and Reader DC是美国Adobe公司的有一个PDF创建程序。提供了一个PDF 创建程序。 Adobe Acrobat and Reader DC 存在安全漏洞,该漏洞对用户提供的输入的验证不充分。远程攻击者可以诱骗受害者打开特制的 PDF 文件并获得对敏感信息的访问权限。
CVSS Information
N/A
Vulnerability Type
N/A