Kaspersky ID:
KLA11324
Detect Date:
10/01/2018
Updated:
01/22/2024

Description

Multiple serious vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges. Below is a complete list of vulnerabilities:

  1. Multiple out-of-bounds write vulnerabilities can be exploited remotely to execute arbitrary code;
  2. Multiple out-of-bounds read vulnerabilities can be exploited remotely to obtain sensitive information;
  3. Multiple heap overflow vulnerabilities can be exploited remotely to execute arbitrary code;
  4. Multiple use-after-free vulnerabilities can be exploited remotely to execute arbitrary code;
  5. Multiple type confusion vulnerabilities can be exploited remotely to execute arbitrary code;
  6. A stack overflow vulnerability can be exploited remotely to obtain sensitive information;
  7. A double free vulnerability can be exploited remotely to execute arbitrary code;
  8. Multiple integer overflow vulnerabilities can be exploited remotely to obtain sensitive information;
  9. Multiple buffer errors vulnerabilities can be exploited remotely to execute arbitrary code;
  10. Multiple untrusted pointer dereference vulnerabilities can be exploited remotely to execute arbitrary code;
  11. A security bypass vulnerability can be exploited remotely to gain privileges.

Original advisories

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

CVE list

  • CVE-2018-15955
    critical
  • CVE-2018-15954
    critical
  • CVE-2018-15952
    critical
  • CVE-2018-15945
    critical
  • CVE-2018-15944
    critical
  • CVE-2018-15941
    critical
  • CVE-2018-15940
    critical
  • CVE-2018-15939
    critical
  • CVE-2018-15938
    critical
  • CVE-2018-15936
    critical
  • CVE-2018-15935
    critical
  • CVE-2018-15934
    critical
  • CVE-2018-15933
    critical
  • CVE-2018-15929
    critical
  • CVE-2018-15928
    critical
  • CVE-2018-12868
    critical
  • CVE-2018-12865
    critical
  • CVE-2018-12864
    critical
  • CVE-2018-12862
    critical
  • CVE-2018-12861
    critical
  • CVE-2018-12860
    critical
  • CVE-2018-12759
    critical
  • CVE-2018-15956
    warning
  • CVE-2018-15953
    warning
  • CVE-2018-15950
    warning
  • CVE-2018-15949
    warning
  • CVE-2018-15948
    warning
  • CVE-2018-15947
    warning
  • CVE-2018-15946
    warning
  • CVE-2018-15943
    warning
  • CVE-2018-15942
    warning
  • CVE-2018-15932
    warning
  • CVE-2018-15927
    warning
  • CVE-2018-15926
    warning
  • CVE-2018-15925
    warning
  • CVE-2018-15923
    warning
  • CVE-2018-15922
    warning
  • CVE-2018-12880
    warning
  • CVE-2018-12879
    warning
  • CVE-2018-12878
    warning
  • CVE-2018-12875
    warning
  • CVE-2018-12874
    warning
  • CVE-2018-12873
    warning
  • CVE-2018-12872
    warning
  • CVE-2018-12871
    warning
  • CVE-2018-12870
    warning
  • CVE-2018-12869
    warning
  • CVE-2018-12867
    warning
  • CVE-2018-12866
    warning
  • CVE-2018-12859
    warning
  • CVE-2018-12857
    warning
  • CVE-2018-12856
    warning
  • CVE-2018-12845
    warning
  • CVE-2018-12844
    warning
  • CVE-2018-12843
    warning
  • CVE-2018-12839
    warning
  • CVE-2018-12834
    warning
  • CVE-2018-15968
    warning
  • CVE-2018-12851
    critical
  • CVE-2018-12847
    high
  • CVE-2018-12846
    critical
  • CVE-2018-12837
    critical
  • CVE-2018-12836
    critical
  • CVE-2018-12833
    critical
  • CVE-2018-12832
    critical
  • CVE-2018-15924
    critical
  • CVE-2018-15920
    critical
  • CVE-2018-12877
    critical
  • CVE-2018-12863
    critical
  • CVE-2018-12852
    critical
  • CVE-2018-12831
    critical
  • CVE-2018-12769
    critical
  • CVE-2018-12876
    critical
  • CVE-2018-12858
    critical
  • CVE-2018-12835
    critical
  • CVE-2018-12838
    warning
  • CVE-2018-12841
    critical
  • CVE-2018-12881
    warning
  • CVE-2018-12842
    warning
  • CVE-2018-15951
    critical
  • CVE-2018-12855
    critical
  • CVE-2018-12853
    critical
  • CVE-2018-15937
    critical
  • CVE-2018-15931
    critical
  • CVE-2018-15930
    critical
  • CVE-2018-15966
    critical
  • CVE-2018-15977
    warning
  • CVE-2018-19722
    warning
  • CVE-2018-15921
    warning

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.