ID CVE-2018-4918
Summary Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:acrobat_2017:2017.011.30070
    cpe:2.3:a:adobe:acrobat_2017:2017.011.30070
  • cpe:2.3:a:adobe:acrobat_dc:2015.006.30394:-:-:-:classic
    cpe:2.3:a:adobe:acrobat_dc:2015.006.30394:-:-:-:classic
  • cpe:2.3:a:adobe:acrobat_dc:2018.009.20050:-:-:-:continuous
    cpe:2.3:a:adobe:acrobat_dc:2018.009.20050:-:-:-:continuous
  • cpe:2.3:a:adobe:acrobat_reader_2017:2017.011.30070
    cpe:2.3:a:adobe:acrobat_reader_2017:2017.011.30070
  • cpe:2.3:a:adobe:acrobat_reader_dc:2015.006.30394:-:-:-:classic
    cpe:2.3:a:adobe:acrobat_reader_dc:2015.006.30394:-:-:-:classic
  • cpe:2.3:a:adobe:acrobat_reader_dc:2018.009.20050:-:-:-:continuous
    cpe:2.3:a:adobe:acrobat_reader_dc:2018.009.20050:-:-:-:continuous
CVSS
Base: 10.0
Impact:
Exploitability:
CWE CWE-787
CAPEC
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_ADOBE_READER_APSB18-02.NASL
    description The version of Adobe Reader installed on the remote macOS or Mac OS X host is a version prior to 2015.006.30416, 2017.011.30078, or 2018.011.20035. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 106848
    published 2018-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106848
    title Adobe Reader < 2015.006.30416 / 2017.011.30078 / 2018.011.20035 Multiple Vulnerabilities (APSB18-02) (macOS)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_ADOBE_ACROBAT_APSB18-02.NASL
    description The version of Adobe Acrobat installed on the remote macOS or Mac OS X host is a version prior to 2015.006.30416, 2017.011.30078, or 2018.011.20035. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 106847
    published 2018-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106847
    title Adobe Acrobat < 2015.006.30416 / 2017.011.30078 / 2018.011.20035 Multiple Vulnerabilities (APSB18-02) (macOS)
  • NASL family Windows
    NASL id ADOBE_ACROBAT_APSB18-02.NASL
    description The version of Adobe Acrobat installed on the remote Windows host is a version prior to 2015.006.30413, 2017.011.30078, or 2018.011.20035. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-01-30
    plugin id 106845
    published 2018-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106845
    title Adobe Acrobat < 2015.006.30413 / 2017.011.30078 / 2018.011.20035 Multiple Vulnerabilities (APSB18-02)
  • NASL family Windows
    NASL id ADOBE_READER_APSB18-02.NASL
    description The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2015.006.30394, 2017.011.30070, or 2018.009.20050. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-01-30
    plugin id 106846
    published 2018-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106846
    title Adobe Reader <= 2015.006.30394 / 2017.011.30070 / 2018.009.20050 Multiple Vulnerabilities (APSB18-02)
refmap via4
bid 102994
misc https://helpx.adobe.com/security/products/acrobat/apsb18-02.html
sectrack 1040364
Last major update 19-05-2018 - 13:29
Published 19-05-2018 - 13:29
Last modified 25-06-2018 - 09:16
Back to Top