Security Bulletin for Adobe Acrobat and Reader | APSB20-13
Bulletin ID Date Published Priority
APSB20-13 March 17, 2020 2

Summary

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. 

Affected Versions

Product Track Affected Versions Platform
Acrobat DC  Continuous 

2020.006.20034 and earlier versions  Windows & macOS
Acrobat Reader DC Continuous  2020.006.20034 and earlier versions 
Windows & macOS
       
Acrobat 2017 Classic 2017 2017.011.30158  and earlier versions  Windows & macOS
Acrobat Reader 2017 Classic 2017 2017.011.30158 and earlier versions Windows & macOS
       
Acrobat 2015  Classic 2015 2015.006.30510 and earlier versions Windows & macOS
Acrobat Reader 2015 Classic 2015 2015.006.30510 and earlier versions Windows & macOS

Solution

Adobe recommends users update their software installations to the latest versions by following the instructions below.    

The latest product versions are available to end users via one of the following methods:    

  • Users can update their product installations manually by choosing Help > Check for Updates.     

  • The products will update automatically, without requiring user intervention, when updates are detected.      

  • The full Acrobat Reader installer can be downloaded from the Acrobat Reader Download Center.     

For IT administrators (managed environments):     

  • Download the enterprise installers from ftp://ftp.adobe.com/pub/adobe/, or refer to the specific release note version for links to installers.     

  • Install updates via your preferred methodology, such as AIP-GPO, bootstrapper, SCUP/SCCM (Windows), or on macOS, Apple Remote Desktop and SSH.     

   

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:    

Product Track Updated Versions Platform Priority Rating Availability
Acrobat DC Continuous 2020.006.20042 Windows and macOS 2

Windows    

macOS  

Acrobat Reader DC Continuous 2020.006.20042
Windows and macOS 2

Windows


macOS

           
Acrobat 2017 Classic 2017 2017.011.30166 Windows and macOS 2

Windows

macOS

Acrobat Reader 2017 Classic 2017 2017.011.30166 Windows and macOS 2

Windows

macOS

           
Acrobat 2015 Classic 2015 2015.006.30518 Windows and macOS 2

Windows

macOS

Acrobat Reader 2015 Classic 2015 2015.006.30518 Windows and macOS 2

Windows

macOS

Vulnerability Details

Vulnerability Category Vulnerability Impact Severity CVE Number
Out-of-bounds read   Information Disclosure   Important   

CVE-2020-3804

CVE-2020-3806

Out-of-bounds write
Arbitrary Code Execution      Critical CVE-2020-3795
Stack-based buffer overflow
Arbitrary Code Execution      Critical CVE-2020-3799

Use-after-free Arbitrary Code Execution  Critical

CVE-2020-3792

CVE-2020-3793

CVE-2020-3801

CVE-2020-3802

CVE-2020-3805

Memory address leak  
Information Disclosure  
Important  
CVE-2020-3800
Buffer overflow
Arbitrary Code Execution 
Critical
CVE-2020-3807
Memory corruption
Arbitrary Code Execution 
Critical
CVE-2020-3797
Insecure library loading (DLL hijacking)
Privilege Escalation
Important  
CVE-2020-3803

Acknowledgements

Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:    

  • hungtt28 of Viettel Cyber Security working with Trend Micro Zero Day Initiative (CVE-2020-3802)
  • Huw Pigott of Shearwater Solutions, a CyberCX company (CVE-2020-3803)
  • Duy Phan Thanh (bit) of STAR Labs (CVE-2020-3800, CVE-2020-3801)
  • Ke Liu of Tencent Security Xuanwu Lab (CVE-2020-3804, CVE-2020-3805)
  • STARLabs @PTDuy during the Tianfu Cup competition (CVE-2020-3793)
  • T Sung Ta (@Mipu94) of SEFCOM Lab, Arizona State University (CVE-2020-3792)
  • Xinyu Wan, Yiwei Zhang and Wei You from Renmin University of China (CVE-2020-3806, CVE-2020-3807, CVE-2020-3795, CVE-2020-3797)
  • Xu Peng and Su Purui from TCA/SKLCS Institute of Software Chinese Academy of Sciences and Wang Yanhao from QiAnXin Technology Research Institute (CVE-2020-3799)