CVE-2023-38238

Summary

CVE-2023-38238 is a Use-After-Free vulnerability affecting Adobe Acrobat Reader versions 23.003.20244 and earlier, as well as 20.005.30467 and earlier. This issue can result in the disclosure of sensitive memory, potentially allowing an attacker to bypass Address Space Layout Randomization (ASLR) mitigations. The vulnerability is triggered when the software fails to properly manage memory resources, leading to a memory location being used after it has been freed. Exploitation requires user interaction, meaning a victim must open a specially crafted file for an attack to be successful.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.