|CVSS SCORE||6.8, (AV:N/AC:M/Au:N/C:P/I:P/A:P)|
Acrobat Reader DC
The specific flaw exists within handling URL's passed to app.launchURL. A specially crafted cURL passed to app.launchURL can force a command to be executed. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of the process.
Adobe has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||AbdulAziz Hariri - HPE Zero Day Initiative