CVE-2024-39379: 
vulnerability analysis and mitigation

Adobe Acrobat for Edge versions 126.0.2592.81 and earlier contain an out-of-bounds read vulnerability identified as CVE-2024-39379. The vulnerability was initially disclosed on July 31, 2024, and requires user interaction through opening a malicious file to be exploited (NVD Database).

The vulnerability is classified as an out-of-bounds read issue (CWE-125) that could lead to disclosure of sensitive memory. The vulnerability has received a CVSS v3.1 base score of 5.5 (Medium), with a vector string of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N, indicating local access, low attack complexity, no privileges required, and user interaction required (NVD Database).

If successfully exploited, this vulnerability could lead to the disclosure of sensitive memory and potentially enable attackers to bypass security mitigations such as Address Space Layout Randomization (ASLR). The vulnerability primarily affects the confidentiality of the system, with no direct impact on integrity or availability (NVD Database).

Microsoft has addressed this vulnerability in Edge browser version 127.0.2651.74, which includes patches for this and other security issues. Users are strongly advised to update to the latest version of Microsoft Edge to protect against this vulnerability (Security Online).