Share
## https://sploitus.com/exploit?id=6A5A58AE-38FC-5D0C-8009-59012478F29E
# CVE-2021-45067

This bug was `Out of Bounds Read` caused by treating `ANSI` string as `Unicode` which can be exploited to leak sensitive information from the sandboxed adobe reader process.

## Blog

- [Adobe Reader - XFA - ANSI - Unicode Confusion Information Leak](https://www.hacksys.io/blogs/adobe-reader-xfa-ansi-unicode-confusion-information-leak)

## Advisory

-   [CVE-2021-45067](https://hacksys.io/advisories/HI-2021-002)

## Demo

[![Adobe Reader - XFA - ANSI - Unicode Confusion Information Leak Exploit](https://img.youtube.com/vi/2QNmhwN_I4w/0.jpg)](https://www.youtube.com/watch?v=2QNmhwN_I4w)