A remote attacker can craft a malicious PDF document. If a user opens this document using Adobe Reader version 20.013.20074 or earlier, the heap overflow is triggered, allowing the attacker to execute code with the same privileges as the user.
In security research and CTF (Capture The Flag) contexts, a file named 2020.013.20074.rar likely contains a proof-of-concept (PoC) exploit or a sample of malware designed to target this specific vulnerable version. 2020.013.20074.rar
The version refers to a specific "Out-of-cycle" security update for Adobe Acrobat and Reader DC (Continuous Track) released on December 9, 2020 . A remote attacker can craft a malicious PDF document
This version of Adobe Reader is famously associated with several critical vulnerabilities, most notably , which was reported to be exploited in the wild. Vulnerability Type: Heap-based Buffer Overflow. Impact: Arbitrary Code Execution (ACE). The version refers to a specific "Out-of-cycle" security
This version was also susceptible to Use-After-Free (UAF) vulnerabilities (e.g., CVE-2021-21033). For instance, a concurrency issue in the search.query JavaScript API could lead to a UAF condition. 20.013.20074 Out of cycle update, Adobe
