Lucene search

[email protected]CVE-2018-16042

HistoryJan 18, 2019 - 5:29 p.m.

CVE-2018-16042

2019-01-1817:29:00

CWE-347

[email protected]

web.nvd.nist.gov

346

adobe

acrobat

reader

cve-2018-16042

security bypass

information disclosure

vulnerability

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.485 Medium

EPSS

Percentile

97.5%

JSON

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure.

CPENameOperatorVersion
adobe:acrobat_dcadobe acrobat dcle15.006.30457
adobe:acrobat_dcadobe acrobat dcle19.008.20081
adobe:acrobat_dcadobe acrobat dcle17.011.30106
adobe:acrobat_reader_dcadobe acrobat reader dcle15.006.30457
adobe:acrobat_reader_dcadobe acrobat reader dcle19.008.20081
adobe:acrobat_reader_dcadobe acrobat reader dcle17.011.30106
adobe:readeradobe readereq11.0.10
adobe:readeradobe readereq11.0.23
iskysoft:pdf_editor_6iskysoft pdf editor 6eq6.4.2.3521
iskysoft:pdfelement6iskysoft pdfelement6eq6.8.0.3523

CPE	Name	Operator	Version
adobe:acrobat_dc	adobe acrobat dc	le	15.006.30457
adobe:acrobat_dc	adobe acrobat dc	le	19.008.20081
adobe:acrobat_dc	adobe acrobat dc	le	17.011.30106
adobe:acrobat_reader_dc	adobe acrobat reader dc	le	15.006.30457
adobe:acrobat_reader_dc	adobe acrobat reader dc	le	19.008.20081
adobe:acrobat_reader_dc	adobe acrobat reader dc	le	17.011.30106
adobe:reader	adobe reader	eq	11.0.10
adobe:reader	adobe reader	eq	11.0.23
iskysoft:pdf_editor_6	iskysoft pdf editor 6	eq	6.4.2.3521
iskysoft:pdfelement6	iskysoft pdfelement6	eq	6.8.0.3523

Rows per page:

1-10 of 211

References

www.securityfocus.com/bid/106159

helpx.adobe.com/security/products/acrobat/apsb18-41.html

pdf-insecurity.org/signature/evaluation_2018.html

pdf-insecurity.org/signature/signature.html

www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/

Social References

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.485 Medium

EPSS

Percentile

97.5%

JSON

Related for CVE-2018-16042

checkpoint_advisories1 prion1 kaspersky1 openvas12 nessus4 adobe1