CyberSec.Space Logo
Back to CVE Browser

CVE-2018-4872

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile29.88th
PublishedFeb 27, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is a security bypass vulnerability that leads to a sandbox escape. Specifically, the vulnerability exists in the way a cross call is handled.

Affected Platforms (CPE)

πŸ“¦
Adobe

Acrobat

>= 17.0 and <= 17.011.30070
πŸ“¦
Adobe

Acrobat Dc

>= - and <= 18.009.20050
πŸ“¦
Adobe

Acrobat Dc

>= 15.0 and <= 15.006.30394
πŸ“¦
Adobe

Acrobat Reader

>= 17.0 and <= 17.011.30070
πŸ“¦
Adobe

Acrobat Reader Dc

>= - and <= 18.009.20050
πŸ“¦
Adobe

Acrobat Reader Dc

>= 15.0 and <= 15.006.30394

References & Advisories

πŸ”— http://www.securityfocus.com/bid/102993
πŸ”— http://www.securitytracker.com/id/1040364
πŸ”— https://helpx.adobe.com/security/products/acrobat/apsb18-02.html
πŸ”— http://www.securityfocus.com/bid/102993
πŸ”— http://www.securitytracker.com/id/1040364
πŸ”— https://helpx.adobe.com/security/products/acrobat/apsb18-02.html

Related Vulnerabilities

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2013-273310.0

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to exec...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...