Main
Vulnerability Database
Exploits
ID:2682 - Exploit for Information disclosure in Adobe Acrobat and Adobe Reader - CVE-2018-4993
ID:2682 - Exploit for Information disclosure in Adobe Acrobat and Adobe Reader - CVE-2018-4993
Published: May 18, 2020
Vulnerability identifier: #VU12689
Vulnerability risk: Low
CVE-ID: CVE-2018-4993
CWE-ID: CWE-200
Exploitation vector: Remote access
Vulnerable software:
Adobe Acrobat
Adobe Reader
Adobe Acrobat
Adobe Reader
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to NTLM SSO hash theft when handling malicious input. A remote attacker can trick the victim into opening a specially crafted .pdf file and gain access to arbitrary data.
The weakness exists due to NTLM SSO hash theft when handling malicious input. A remote attacker can trick the victim into opening a specially crafted .pdf file and gain access to arbitrary data.
Remediation
Update to version 2018.011.20040, 2017.011.30080 or 2015.006.30418.