### [CVE-2021-40728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40728)
![](https://img.shields.io/static/v1?label=Product&message=Acrobat%20Reader&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20After%20Free%20(CWE-416)&color=brightgreen)

### Description

Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by a use-after-free vulnerability in the processing of the GetURL function on a global object window that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/zanezhub/PIA-PC