ID:2722 - Exploit for Out-of-bounds read in Adobe Reader and Adobe Acrobat - CVE-2018-5063

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:2722 - Exploit for Out-of-bounds read in Adobe Reader and Adobe Acrobat - CVE-2018-5063

ID:2722 - Exploit for Out-of-bounds read in Adobe Reader and Adobe Acrobat - CVE-2018-5063

Published: May 18, 2020


Vulnerability identifier: #VU13734
Vulnerability risk: Low
CVE-ID: CVE-2018-5063
CWE-ID: CWE-125
Exploitation vector: Remote access
Vulnerable software:
Adobe Reader
Adobe Acrobat

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a boundary error when processing .pdf files in the Extensible Stylesheet Language Transformations (XSLT) engine. A remote attacker can trick the user into opening a specially crafted .pdf file, trigger an out-of-bounds read error and gain access to sensitive information stored in memory or cause application crash.


Remediation

Install updates from vendor's website.