Multiple vulnerabilities in Adobe Reader and Acrobat



Published: 2018-12-11 | Updated: 2019-02-12
Risk High
Patch available YES
Number of vulnerabilities 86
CVE-ID CVE-2018-15998
CVE-2018-15987
CVE-2018-16004
CVE-2018-19720
CVE-2018-16045
CVE-2018-16044
CVE-2018-19715
CVE-2018-19713
CVE-2018-19708
CVE-2018-19707
CVE-2018-19700
CVE-2018-19698
CVE-2018-16046
CVE-2018-16040
CVE-2018-16039
CVE-2018-16037
CVE-2018-16036
CVE-2018-16029
CVE-2018-16027
CVE-2018-16026
CVE-2018-16025
CVE-2018-16014
CVE-2018-16011
CVE-2018-16008
CVE-2018-16003
CVE-2018-15994
CVE-2018-15993
CVE-2018-15992
CVE-2018-15991
CVE-2018-15990
CVE-2018-19702
CVE-2018-16016
CVE-2018-16000
CVE-2018-15999
CVE-2018-15988
CVE-2018-19716
CVE-2018-16021
CVE-2018-12830
CVE-2018-19717
CVE-2018-19714
CVE-2018-19712
CVE-2018-19711
CVE-2018-19710
CVE-2018-19709
CVE-2018-19706
CVE-2018-19705
CVE-2018-19704
CVE-2018-19703
CVE-2018-19701
CVE-2018-19699
CVE-2018-16047
CVE-2018-16043
CVE-2018-16041
CVE-2018-16038
CVE-2018-16035
CVE-2018-16034
CVE-2018-16033
CVE-2018-16032
CVE-2018-16031
CVE-2018-16030
CVE-2018-16028
CVE-2018-16024
CVE-2018-16023
CVE-2018-16022
CVE-2018-16020
CVE-2018-16019
CVE-2018-16017
CVE-2018-16015
CVE-2018-16013
CVE-2018-16012
CVE-2018-16010
CVE-2018-16006
CVE-2018-16005
CVE-2018-16002
CVE-2018-16001
CVE-2018-15997
CVE-2018-15996
CVE-2018-15989
CVE-2018-15985
CVE-2018-15984
CVE-2018-19719
CVE-2018-16009
CVE-2018-16007
CVE-2018-15995
CVE-2018-15986
CVE-2018-16042
CWE-ID CWE-119
CWE-822
CWE-264
CWE-416
CWE-787
CWE-122
CWE-125
CWE-190
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Adobe Acrobat
Client/Desktop applications / Office applications

Adobe Reader
Client/Desktop applications / Office applications

Vendor Adobe

Security Bulletin

This security bulletin contains information about 86 vulnerabilities.

1) Memory corruption

EUVDB-ID: #VU16356

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15998

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory corruption

EUVDB-ID: #VU16357

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15987

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Untrusted pointer dereference

EUVDB-ID: #VU16361

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16004

CWE-ID: CWE-822 - Untrusted Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, dereference untrusted pointer and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Untrusted pointer dereference

EUVDB-ID: #VU16362

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19720

CWE-ID: CWE-822 - Untrusted Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, dereference untrusted pointer and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Privilege escalation

EUVDB-ID: #VU16392

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16045

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The weakness exists due to improper privileges and access controls. A remote attacker can trick the victim into opening a specially crafted .pdf file, bypass security restrictions and gain elevated privileges to conduct further attacks.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Privilege escalation

EUVDB-ID: #VU16393

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16044

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The weakness exists due to improper privileges and access controls. A remote attacker can trick the victim into opening a specially crafted .pdf file, bypass security restrictions and gain elevated privileges to conduct further attacks.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Use-after-free error

EUVDB-ID: #VU16368

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19715

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free error

EUVDB-ID: #VU16369

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19713

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free error

EUVDB-ID: #VU16370

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19708

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free error

EUVDB-ID: #VU16371

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19707

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free error

EUVDB-ID: #VU16372

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19700

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free error

EUVDB-ID: #VU16373

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19698

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free error

EUVDB-ID: #VU16374

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16046

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free error

EUVDB-ID: #VU16375

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16040

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free error

EUVDB-ID: #VU16376

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16039

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Use-after-free error

EUVDB-ID: #VU16377

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16037

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free error

EUVDB-ID: #VU16378

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16036

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free error

EUVDB-ID: #VU16379

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16029

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Use-after-free error

EUVDB-ID: #VU16380

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16027

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Use-after-free error

EUVDB-ID: #VU16381

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16026

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free error

EUVDB-ID: #VU16382

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16025

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free error

EUVDB-ID: #VU16383

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16014

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free error

EUVDB-ID: #VU16384

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16011

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30464, 2017.011.30113, 2019.010.20069.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.010.20064

Adobe Reader: 2015.006.30306 - 2019.010.20064

External links

http://helpx.adobe.com/security/products/acrobat/apsb19-02.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use-after-free error

EUVDB-ID: #VU16385

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16008

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free error

EUVDB-ID: #VU16386

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16003

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free error

EUVDB-ID: #VU16387

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15994

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free error

EUVDB-ID: #VU16388

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15993

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Use-after-free error

EUVDB-ID: #VU16389

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15992

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Use-after-free error

EUVDB-ID: #VU16390

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15991

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use-after-free error

EUVDB-ID: #VU16391

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15990

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger use-after-free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Out-of-bounds write

EUVDB-ID: #VU16363

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19702

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Out-of-bounds write

EUVDB-ID: #VU16364

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16016

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Out-of-bounds write

EUVDB-ID: #VU16365

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16000

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Out-of-bounds write

EUVDB-ID: #VU16366

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15999

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds write

EUVDB-ID: #VU16367

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15988

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Heap-based buffer overflow

EUVDB-ID: #VU16358

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19716

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to heap-based buffer overflow when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Heap-based buffer overflow

EUVDB-ID: #VU16359

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16021

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to heap-based buffer overflow when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Heap-based buffer overflow

EUVDB-ID: #VU16360

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-12830

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to heap-based buffer overflow when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Out-of-bounds read

EUVDB-ID: #VU16400

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19717

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Out-of-bounds read

EUVDB-ID: #VU16401

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19714

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Out-of-bounds read

EUVDB-ID: #VU16402

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19712

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Out-of-bounds read

EUVDB-ID: #VU16403

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19711

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Out-of-bounds read

EUVDB-ID: #VU16404

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19710

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Out-of-bounds read

EUVDB-ID: #VU16405

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19709

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Out-of-bounds read

EUVDB-ID: #VU16406

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19706

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Out-of-bounds read

EUVDB-ID: #VU16407

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19705

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Out-of-bounds read

EUVDB-ID: #VU16408

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19704

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Out-of-bounds read

EUVDB-ID: #VU16409

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19703

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Out-of-bounds read

EUVDB-ID: #VU16410

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19701

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU16411

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19699

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Out-of-bounds read

EUVDB-ID: #VU16412

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16047

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Out-of-bounds read

EUVDB-ID: #VU16413

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16043

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Out-of-bounds read

EUVDB-ID: #VU16414

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16041

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Out-of-bounds read

EUVDB-ID: #VU16415

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16038

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Out-of-bounds read

EUVDB-ID: #VU16416

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16035

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Out-of-bounds read

EUVDB-ID: #VU16417

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16034

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Out-of-bounds read

EUVDB-ID: #VU16418

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16033

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Out-of-bounds read

EUVDB-ID: #VU16419

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16032

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Out-of-bounds read

EUVDB-ID: #VU16420

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16031

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Out-of-bounds read

EUVDB-ID: #VU16421

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16030

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Out-of-bounds read

EUVDB-ID: #VU16422

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16028

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Out-of-bounds read

EUVDB-ID: #VU16423

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16024

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Out-of-bounds read

EUVDB-ID: #VU16424

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16023

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Out-of-bounds read

EUVDB-ID: #VU16425

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16022

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Out-of-bounds read

EUVDB-ID: #VU16426

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16020

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Out-of-bounds read

EUVDB-ID: #VU16427

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16019

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Out-of-bounds read

EUVDB-ID: #VU16428

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16017

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Out-of-bounds read

EUVDB-ID: #VU16429

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16015

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Out-of-bounds read

EUVDB-ID: #VU16430

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16013

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Out-of-bounds read

EUVDB-ID: #VU16431

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16012

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Out-of-bounds read

EUVDB-ID: #VU16432

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16010

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

72) Out-of-bounds read

EUVDB-ID: #VU16433

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16006

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

73) Out-of-bounds read

EUVDB-ID: #VU16434

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16005

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

74) Out-of-bounds read

EUVDB-ID: #VU16435

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16002

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

75) Out-of-bounds read

EUVDB-ID: #VU16436

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16001

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

76) Out-of-bounds read

EUVDB-ID: #VU16437

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15997

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

77) Out-of-bounds read

EUVDB-ID: #VU16438

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15996

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

78) Out-of-bounds read

EUVDB-ID: #VU16439

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15989

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

79) Out-of-bounds read

EUVDB-ID: #VU16440

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15985

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

80) Out-of-bounds read

EUVDB-ID: #VU16441

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15984

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

81) Out-of-bounds read

EUVDB-ID: #VU16442

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-19719

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read and gain access to important data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

82) Integer overflow

EUVDB-ID: #VU16396

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16009

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger integer overflow and gain access to arbitrary data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

83) Integer overflow

EUVDB-ID: #VU16397

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16007

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger integer overflow and gain access to arbitrary data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

84) Integer overflow

EUVDB-ID: #VU16398

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15995

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger integer overflow and gain access to arbitrary data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

85) Integer overflow

EUVDB-ID: #VU16399

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-15986

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger integer overflow and gain access to arbitrary data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

86) Information disclosure

EUVDB-ID: #VU16395

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16042

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to improper privileges and access controls. A remote attacker can trick the victim into opening a specially crafted .pdf file, bypass security restrictions and gain access to arbitrary data.

Mitigation

The vulnerability has been addressed in the versions 2015.006.30461, 2017.011.30110, 2019.010.20064.

Vulnerable software versions

Adobe Acrobat: 15.006.30306 - 19.008.20081

Adobe Reader: 2015.006.30306 - 2019.008.20081

External links

http://helpx.adobe.com/security/products/acrobat/apsb18-41.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###