Risk | High |
Patch available | YES |
Number of vulnerabilities | 86 |
CVE-ID | CVE-2018-15937 CVE-2018-15931 CVE-2018-15930 CVE-2018-15966 CVE-2018-12853 CVE-2018-12855 CVE-2018-15951 CVE-2018-12842 CVE-2018-12881 CVE-2018-12841 CVE-2018-12838 CVE-2018-12835 CVE-2018-12858 CVE-2018-12876 CVE-2018-12769 CVE-2018-12831 CVE-2018-12852 CVE-2018-12863 CVE-2018-12877 CVE-2018-15920 CVE-2018-15924 CVE-2018-12832 CVE-2018-12833 CVE-2018-12836 CVE-2018-12837 CVE-2018-12846 CVE-2018-12847 CVE-2018-12851 CVE-2018-15968 CVE-2018-12834 CVE-2018-12839 CVE-2018-12843 CVE-2018-12844 CVE-2018-12845 CVE-2018-12856 CVE-2018-12857 CVE-2018-12859 CVE-2018-12866 CVE-2018-12867 CVE-2018-12869 CVE-2018-12870 CVE-2018-12871 CVE-2018-12872 CVE-2018-12873 CVE-2018-12874 CVE-2018-12875 CVE-2018-12878 CVE-2018-12879 CVE-2018-12880 CVE-2018-15922 CVE-2018-15923 CVE-2018-15925 CVE-2018-15926 CVE-2018-15927 CVE-2018-15932 CVE-2018-15942 CVE-2018-15943 CVE-2018-15946 CVE-2018-15947 CVE-2018-15948 CVE-2018-15949 CVE-2018-15950 CVE-2018-15953 CVE-2018-15956 CVE-2018-12759 CVE-2018-12860 CVE-2018-12861 CVE-2018-12862 CVE-2018-12864 CVE-2018-12865 CVE-2018-12868 CVE-2018-15928 CVE-2018-15929 CVE-2018-15933 CVE-2018-15934 CVE-2018-15935 CVE-2018-15936 CVE-2018-15938 CVE-2018-15939 CVE-2018-15940 CVE-2018-15941 CVE-2018-15944 CVE-2018-15945 CVE-2018-15952 CVE-2018-15954 CVE-2018-15955 |
CWE-ID | CWE-822 CWE-264 CWE-119 CWE-190 CWE-415 CWE-121 CWE-843 CWE-416 CWE-122 CWE-125 CWE-787 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #18 is available. Public exploit code for vulnerability #31 is available. Public exploit code for vulnerability #36 is available. Public exploit code for vulnerability #37 is available. Public exploit code for vulnerability #38 is available. Public exploit code for vulnerability #39 is available. Public exploit code for vulnerability #40 is available. Public exploit code for vulnerability #41 is available. Public exploit code for vulnerability #42 is available. Public exploit code for vulnerability #43 is available. Public exploit code for vulnerability #44 is available. Public exploit code for vulnerability #45 is available. Public exploit code for vulnerability #46 is available. Public exploit code for vulnerability #54 is available. Public exploit code for vulnerability #55 is available. Public exploit code for vulnerability #63 is available. Public exploit code for vulnerability #64 is available. Public exploit code for vulnerability #66 is available. Public exploit code for vulnerability #67 is available. Public exploit code for vulnerability #68 is available. Public exploit code for vulnerability #69 is available. Public exploit code for vulnerability #70 is available. Public exploit code for vulnerability #73 is available. Public exploit code for vulnerability #74 is available. Public exploit code for vulnerability #75 is available. Public exploit code for vulnerability #76 is available. Public exploit code for vulnerability #77 is available. Public exploit code for vulnerability #78 is available. Public exploit code for vulnerability #84 is available. Public exploit code for vulnerability #85 is available. Public exploit code for vulnerability #86 is available. |
Vulnerable software Subscribe |
Adobe Reader Client/Desktop applications / Office applications Adobe Acrobat Client/Desktop applications / Office applications |
Vendor | Adobe |
Security Bulletin
This security bulletin contains information about 86 vulnerabilities.
EUVDB-ID: #VU15144
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15937
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, dereference untrusted pointer and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15145
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15931
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, dereference untrusted pointer and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15146
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15930
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, dereference untrusted pointer and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15147
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15966
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to incorrectly implemented security restrictions when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, bypass implemented security measures and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15143
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12853
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15142
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12855
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15141
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15951
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15140
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12842
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger integer overflow and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15139
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12881
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger integer overflow and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15138
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12841
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger a double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15137
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12838
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger stack overflow and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15136
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12835
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15135
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12858
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15134
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12876
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a type confusion error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger type confusion error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15133
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12769
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15132
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12831
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15131
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12852
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15130
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12863
CWE-ID:
CWE-416 - Use After Free
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15129
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12877
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15128
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15920
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15127
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15924
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15126
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12832
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15125
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12833
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15124
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12836
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15123
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12837
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15122
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12846
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15121
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12847
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15120
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12851
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15119
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15968
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15118
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12834
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15117
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12839
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15116
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12843
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15115
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12844
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15114
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12845
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15113
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12856
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15112
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12857
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15111
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12859
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15110
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12866
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15109
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12867
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15108
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12869
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15107
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12870
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15106
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12871
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15105
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12872
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15104
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12873
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15103
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12874
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15102
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12875
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15101
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12878
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15100
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12879
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15099
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12880
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15098
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15922
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15097
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15923
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15096
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15925
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15095
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15926
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15094
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15927
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15093
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15932
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15092
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15942
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15091
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15943
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15090
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15946
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15089
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15947
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15088
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15948
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15087
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15949
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15086
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15950
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15085
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15953
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15084
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15956
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to sensitive information stored in memory.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15083
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12759
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15082
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12860
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15081
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12861
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15080
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12862
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15079
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12864
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15078
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-12865
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15077
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-12868
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15076
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15928
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15075
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15929
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15074
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15933
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15073
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15934
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15072
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15935
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15071
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15936
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15070
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15938
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15069
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15939
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15068
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15940
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15067
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15941
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15066
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15944
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15065
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-15945
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU15064
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15952
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15063
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15954
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU15062
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-15955
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2018.011.20063
Adobe Acrobat: 15.006.30306 - 18.011.20063
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.