KLA11193
Multiple vulnerabilities in Adobe Arcobat&Reader
Updated: 06/26/2019
Detect date
?
02/13/2018
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code and gain priveleges.

Below is a complete list of vulnerabilities:

  1. Use-after-free vulnerabilities can be exploited to execute arbitrary code;
  2. Heap buffer overflow vulnerabilities can be exploited to execute arbitrary code;
  3. Out-of-bounds write vulnerabilities can be exploited to execute arbitrary code;
  4. Security Mitigation Bypass vulnerability can be exploited remotely to gain priveleges;
  5. Out-of-bounds read vulnerabilities can be exploited remotely to execute arbitrary code;
Affected products

Acrobat DC 2018.009.20050 and earlier versions
Acrobat Reader DC (Continuous Track) 2018.009.20050 and earlier versions
Acrobat 2017 2017.011.30070 and earlier versions
Acrobat Reader 2017 2017.011.30070 and earlier versions
Acrobat DC (Classic Track) 2015.006.30394 and earlier versions 
Acrobat Reader DC (Classic Track) 2015.006.30394 and earlier versions

Solution

Update to the latest versions
Download Adobe Acrobat DC
Download Adobe Acrobat Reader DC

Original advisories

Adobe Security Bulletin

Impacts
?
ACE 
[?]

PE 
[?]
Related products
Adobe Acrobat
Adobe Acrobat Reader DC Continuous
Adobe Acrobat Reader DC Classic
Adobe Acrobat DC Continuous
Adobe Acrobat DC Classic
Adobe Acrobat Reader
CVE-IDS
?
CVE-2018-487210.0Critical
CVE-2018-48906.8High
CVE-2018-49046.8High
CVE-2018-49106.8High
CVE-2018-491710.0Critical
CVE-2018-48886.8High
CVE-2018-48926.8High
CVE-2018-49026.8High
CVE-2018-49116.8High
CVE-2018-49136.8High
CVE-2018-487910.0Critical
CVE-2018-489510.0Critical
CVE-2018-48986.8High
CVE-2018-49016.8High
CVE-2018-49156.8High
CVE-2018-49166.8High
CVE-2018-491810.0Critical
CVE-2018-48804.3Warning
CVE-2018-48814.3Warning
CVE-2018-48824.3Warning
CVE-2018-48834.3Warning
CVE-2018-48844.3Warning
CVE-2018-48854.3Warning
CVE-2018-48864.3Warning
CVE-2018-48874.3Warning
CVE-2018-48894.3Warning
CVE-2018-48914.3Warning
CVE-2018-48934.3Warning
CVE-2018-48944.3Warning
CVE-2018-48964.3Warning
CVE-2018-48974.3Warning
CVE-2018-48994.3Warning
CVE-2018-49004.3Warning
CVE-2018-49034.3Warning
CVE-2018-49054.3Warning
CVE-2018-49064.3Warning
CVE-2018-49074.3Warning
CVE-2018-49084.3Warning
CVE-2018-49094.3Warning
CVE-2018-49124.3Warning
CVE-2018-49144.3Warning