=====================================================================
CERT-Renater Information Note No. 2021/VULN467
_____________________________________________________________________
DATE                 : 15/09/2021
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running Adobe Acrobat or Adobe Reader in
                       versions prior to 2021.007.20091, 2020.004.30015
                       or 2017.011.30202.
=====================================================================

https://helpx.adobe.com/security/products/acrobat/apsb21-55.html
_____________________________________________________________________

Last updated on Sep 14, 2021

Security update available for Adobe Acrobat and Reader | APSB21-55

Bulletin ID   Date Published       Priority
APSB21-55     September 14, 2021   2

Summary

Adobe has released security updates for Adobe Acrobat and Reader for
Windows and macOS. These updates address multiple critical, important
and moderate vulnerabilities. Successful exploitation could lead to
arbitrary code execution in the context of the current user.

Affected Versions

Product               Track          Affected Versions            Platform
Acrobat DC            Continuous     2021.005.20060 and earlier   Windows
Acrobat Reader DC     Continuous     2021.005.20060 and earlier   Windows
Acrobat DC            Continuous     2021.005.20058 and earlier   macOS
Acrobat Reader DC     Continuous     2021.005.20058 and earlier   macOS
Acrobat 2020          Classic 2020   2020.004.30006 and earlier   Windows & macOS
Acrobat Reader 2020   Classic 2020   2020.004.30006 and earlier   Windows & macOS
Acrobat 2017          Classic 2017   2017.011.30199 and earlier   Windows & macOS
Acrobat Reader 2017   Classic 2017   2017.011.30199 and earlier   Windows & macOS

Solution

Adobe recommends users update their software installations to the latest
versions by following the instructions below.

The latest product versions are available to end users via one of the
following methods:

  - Users can update their product installations manually by choosing
    Help > Check for Updates.
  - The products will update automatically, without requiring user
    intervention, when updates are detected.
  - The full Acrobat Reader installer can be downloaded from the Acrobat
    Reader Download Center.

For IT administrators (managed environments):

  - Refer to the specific release note version for links to installers.
  - Install updates via your preferred methodology, such as AIP-GPO,
    bootstrapper, SCUP/SCCM (Windows), or, on macOS, Apple Remote Desktop
    and SSH.

Adobe categorizes these updates with the following priority ratings and
recommends users update their installation to the newest version:

Product               Track          Updated Versions   Platform            Priority   Availability
Acrobat DC            Continuous     2021.007.20091     Windows and macOS   2          Release Notes
Acrobat Reader DC     Continuous     2021.007.20091     Windows and macOS   2          Release Notes
Acrobat 2020          Classic 2020   2020.004.30015     Windows and macOS   2          Release Notes
Acrobat Reader 2020   Classic 2020   2020.004.30015     Windows and macOS   2          Release Notes
Acrobat 2017          Classic 2017   2017.011.30202     Windows and macOS   2          Release Notes
Acrobat Reader 2017   Classic 2017   2017.011.30202     Windows and macOS   2          Release Notes

Vulnerability Details

Each entry below gives the vulnerability category (CWE), impact,
severity, CVSS base score, CVSS vector and CVE number(s).

Type Confusion (CWE-843)
  Impact   : Arbitrary code execution
  Severity : Critical
  CVSS     : 7.8  CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  CVE      : CVE-2021-39841

Heap-based Buffer Overflow (CWE-122)
  Impact   : Arbitrary code execution
  Severity : Critical
  CVSS     : 8.8  CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  CVE      : CVE-2021-39863

Information Exposure (CWE-200)
  Impact   : Arbitrary file system read
  Severity : Moderate
  CVSS     : 3.8  CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
  CVE      : CVE-2021-39857, CVE-2021-39856, CVE-2021-39855

Out-of-bounds Read (CWE-125)
  Impact   : Memory leak
  Severity : Critical
  CVSS     : 7.7  CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:H
  CVE      : CVE-2021-39844

Out-of-bounds Read (CWE-125)
  Impact   : Memory leak
  Severity : Important
  CVSS     : 5.3  CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  CVE      : CVE-2021-39861

Out-of-bounds Read (CWE-125)
  Impact   : Arbitrary file system read
  Severity : Moderate
  CVSS     : 3.3  CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
  CVE      : CVE-2021-39858

Out-of-bounds Write (CWE-787)
  Impact   : Memory leak
  Severity : Critical
  CVSS     : 7.8  CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  CVE      : CVE-2021-39843

Stack-based Buffer Overflow (CWE-121)
  Impact   : Arbitrary code execution
  Severity : Critical
  CVSS     : 7.7  CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:H
  CVE      : CVE-2021-39846, CVE-2021-39845

Uncontrolled Search Path Element (CWE-427)
  Impact   : Arbitrary code execution
  Severity : Important
  CVSS     : 7.3  CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  CVE      : CVE-2021-35982

Use After Free (CWE-416)
  Impact   : Arbitrary code execution
  Severity : Important
  CVSS     : 4.4  CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
  CVE      : CVE-2021-39859

Use After Free (CWE-416)
  Impact   : Arbitrary code execution
  Severity : Critical
  CVSS     : 7.8  CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  CVE      : CVE-2021-39840, CVE-2021-39842, CVE-2021-39839,
             CVE-2021-39838, CVE-2021-39837, CVE-2021-39836

NULL Pointer Dereference (CWE-476)
  Impact   : Memory leak
  Severity : Important
  CVSS     : 5.3  CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
  CVE      : CVE-2021-39860

NULL Pointer Dereference (CWE-476)
  Impact   : Application denial-of-service
  Severity : Critical
  CVSS     : 7.2  CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
  CVE      : CVE-2021-39852

NULL Pointer Dereference (CWE-476)
  Impact   : Application denial-of-service
  Severity : Important
  CVSS     : 5.5  CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  CVE      : CVE-2021-39854, CVE-2021-39853, CVE-2021-39850, CVE-2021-39849

NULL Pointer Dereference (CWE-476)
  Impact   : Application denial-of-service
  Severity : Important
  CVSS     : 6.6  CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
  CVE      : CVE-2021-39851

Acknowledgements

Adobe would like to thank the following for reporting the relevant issues
and for working with Adobe to help protect our customers:

  - Mark Vincent Yason (@MarkYason) working with Trend Micro Zero Day
    Initiative (CVE-2021-39841, CVE-2021-39836, CVE-2021-39837,
    CVE-2021-39838, CVE-2021-39839, CVE-2021-39840)
  - Haboob labs (CVE-2021-39859, CVE-2021-39860, CVE-2021-39861,
    CVE-2021-39843, CVE-2021-39844, CVE-2021-39845, CVE-2021-39846)
  - Robert Chen (deepsurface-robert) (CVE-2021-35982)
  - xu peng (xupeng_1231) (CVE-2021-39854, CVE-2021-39853, CVE-2021-39852,
    CVE-2021-39851, CVE-2021-39850, CVE-2021-39849)
  - j00sean (CVE-2021-39857, CVE-2021-39856, CVE-2021-39855,
    CVE-2021-39842)
  - Andrei Stefan from Exodus Intelligence (exodusintel.com)
    (CVE-2021-39863)
  - Qiao Li of Baidu Security Lab working with Trend Micro Zero Day
    Initiative (CVE-2021-39858)

For more information, visit https://helpx.adobe.com/security.html, or
email PSIRT@adobe.com.

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44              +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41              +
+ 75013 Paris         | email : cert@support.renater.fr   +
=========================================================
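The following script is an added example, not part of the Adobe bulletin or of the CERT-Renater note: it takes the fixed builds listed above (2021.007.20091 for the Continuous track, 2020.004.30015 for Classic 2020, 2017.011.30202 for Classic 2017) and flags inventory entries whose installed build is older than the fix for their track. The inventory rows, hostnames and the track label on each row are assumptions constructed for the example; a real software inventory export would supply them.

```python
"""Exposure check for APSB21-55: compare installed Acrobat/Reader builds
against the fixed versions published in the bulletin, per product track."""
from __future__ import annotations

# Fixed builds per track, as published in the bulletin's "Updated Versions" table.
FIXED_VERSIONS = {
    "Continuous": "2021.007.20091",
    "Classic 2020": "2020.004.30015",
    "Classic 2017": "2017.011.30202",
}


def parse_version(text: str) -> tuple[int, int, int]:
    """Turn an Acrobat version string such as '2021.005.20060' into a
    comparable tuple of integers (leading zeros are not significant)."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Acrobat version format: {text!r}")
    return int(parts[0]), int(parts[1]), int(parts[2])


def is_affected(track: str, installed: str) -> bool:
    """True when the installed build is older than the fixed build for its
    track, i.e. it still lacks the APSB21-55 update."""
    if track not in FIXED_VERSIONS:
        raise ValueError(f"unknown track {track!r}; expected one of {sorted(FIXED_VERSIONS)}")
    return parse_version(installed) < parse_version(FIXED_VERSIONS[track])


def triage_inventory(rows):
    """Classify (hostname, product, track, version) rows from an inventory
    export and return the hosts that still need the update, with the target build."""
    pending = []
    for host, product, track, version in rows:
        if is_affected(track, version):
            pending.append((host, product, version, FIXED_VERSIONS[track]))
    return pending


# Constructed sample inventory (hostnames are made up; versions are taken
# from the bulletin's affected/updated tables).
SAMPLE_INVENTORY = [
    ("ws-01", "Acrobat Reader DC", "Continuous", "2021.005.20060"),      # Windows, affected
    ("mac-02", "Acrobat DC", "Continuous", "2021.005.20058"),            # macOS, affected
    ("ws-03", "Acrobat Reader DC", "Continuous", "2021.007.20091"),      # already updated
    ("ws-04", "Acrobat 2020", "Classic 2020", "2020.004.30006"),         # affected
    ("ws-05", "Acrobat Reader 2017", "Classic 2017", "2017.011.30202"),  # already updated
]

if __name__ == "__main__":
    for host, product, have, need in triage_inventory(SAMPLE_INVENTORY):
        print(f"{host}: {product} {have} -> update to {need}")
```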