Kaspersky Threats

Дата обнаружения

09/04/2019

Уровень угрозы

Critical

Описание

Multiple vulnerabilities were found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

Multiple out-of-bounds read vulnerabilities can be exploited remotely to obtain sensitive information;
Multiple out-of-bounds write vulnerabilities can be exploited remotely to execute arbitrary code;
Multiple type confusion vulnerabilities can be exploited remotely to execute arbitrary code;
Multiple use after free vulnerabilities can be exploited remotely to execute arbitrary code;
Multiple heap overflow vulnerabilities can be exploited remotely to execute arbitrary code.

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Пораженные продукты

Acrobat DC Continuous 2019.010.20098 and earlier versions for Windows and macOS
Acrobat Reader DC Continuous 2019.010.20098 and earlier versions for Windows and macOS
Acrobat 2017 2017.011.30127 and earlier version for Windows and macOS
Acrobat Reader 2017.011.30127 and earlier version for Windows and macOS
Acrobat DC Classic 2015.006.30482 and earlier versions for Windows and macOS
Acrobat Reader DC Classic 2015.006.30482 and earlier versions for Windows and macOS

Решение

Update to the latest version
Download Adobe Acrobat Reader DC

Первичный источник обнаружения

Security updates available for Adobe Acrobat and Reader | APSB19-17

Оказываемое влияние

?

ACE

[?]

OSI

[?]

Связанные продукты

Adobe Acrobat Reader DC Continuous
Adobe Acrobat Reader DC Classic
Adobe Acrobat DC Continuous
Adobe Acrobat DC Classic
Adobe Acrobat Reader 2017
Adobe Acrobat 2017

CVE-IDS