Adobe Acrobat Reader DC 19.21.20058.31925 - Local Code Execution via DLL hijacking

2020.02.03

Nir Yehoshua (IL)

Risk: Medium

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

Title: Adobe Acrobat Reader DC 19.21.20058.31925 - Local Code Execution via DLL hijacking
Date: 2020-02-02
Author: Nir Yehoshua
Vendor: https://www.adobe.com/
Product: https://get.adobe.com/reader/
Tested on: Windows Windows 10 x64 [eng]


Description:

A local DLL hijacking vulnerability has been discovered in Adobe Acrobat Reader DC 19.21.20058.31925.
The issue allows local attackers to load their DLL into AcroRd32.exe and execute the DLL.

Vulnerable Library:
kbdus.dll

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Adobe Acrobat Reader DC 19.21.20058.31925 - Local Code Execution via DLL hijacking

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.