CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-4872

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile29.88th
Published2018年2月27日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is a security bypass vulnerability that leads to a sandbox escape. Specifically, the vulnerability exists in the way a cross call is handled.

Affected Platforms (CPE)

📦
Adobe

Acrobat

>= 17.0 and <= 17.011.30070
📦
Adobe

Acrobat Dc

>= - and <= 18.009.20050
📦
Adobe

Acrobat Dc

>= 15.0 and <= 15.006.30394
📦
Adobe

Acrobat Reader

>= 17.0 and <= 17.011.30070
📦
Adobe

Acrobat Reader Dc

>= - and <= 18.009.20050
📦
Adobe

Acrobat Reader Dc

>= 15.0 and <= 15.006.30394

References & Advisories

🔗 http://www.securityfocus.com/bid/102993
🔗 http://www.securitytracker.com/id/1040364
🔗 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html
🔗 http://www.securityfocus.com/bid/102993
🔗 http://www.securitytracker.com/id/1040364
🔗 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html

相關漏洞威脅

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2013-273310.0

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to exec...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...