Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11283
HistoryJul 10, 2018 - 12:00 a.m.

KLA11283 Multiple vulnerabilities in Adobe Acrobat&Reader

2018-07-1000:00:00
Kaspersky Lab
threats.kaspersky.com
114

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.122 Low

EPSS

Percentile

95.4%

JSON

Multiple vulnerabilities was found in Adobe Acrobat&Reader.

Original advisories

Prenotification Security Advisory for Adobe Acrobat and Reader | APSB18-21

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Adobe-Acrobat-Reader-DC-Continuous

Adobe-Acrobat-Reader-DC-Classic

Adobe-Acrobat-DC-Continuous

Adobe-Acrobat-DC-Classic

Adobe-Acrobat-Reader-2017

Adobe-Acrobat-2017

CVE list

CVE-2018-12782 critical

CVE-2018-5015 high

CVE-2018-5028 high

CVE-2018-5032 high

CVE-2018-5036 high

CVE-2018-5038 high

CVE-2018-5040 high

CVE-2018-5041 high

CVE-2018-5045 high

CVE-2018-5052 high

CVE-2018-5058 high

CVE-2018-5067 high

CVE-2018-12785 critical

CVE-2018-12788 high

CVE-2018-12798 critical

CVE-2018-5009 critical

CVE-2018-5011 critical

CVE-2018-5065 high

CVE-2018-12756 critical

CVE-2018-12770 high

CVE-2018-12772 high

CVE-2018-12773 high

CVE-2018-12776 high

CVE-2018-12783 high

CVE-2018-12791 critical

CVE-2018-12792 critical

CVE-2018-12796 critical

CVE-2018-12797 critical

CVE-2018-5020 high

CVE-2018-5021 critical

CVE-2018-5042 high

CVE-2018-5059 high

CVE-2018-5064 critical

CVE-2018-5069 critical

CVE-2018-5070 critical

CVE-2018-12754 critical

CVE-2018-12755 critical

CVE-2018-12758 critical

CVE-2018-12760 critical

CVE-2018-12771 high

CVE-2018-12787 critical

CVE-2018-12802 critical

CVE-2018-5010 warning

CVE-2018-12803 warning

CVE-2018-5014 warning

CVE-2018-5016 warning

CVE-2018-5017 warning

CVE-2018-5018 warning

CVE-2018-5019 warning

CVE-2018-5022 warning

CVE-2018-5023 warning

CVE-2018-5024 warning

CVE-2018-5025 warning

CVE-2018-5026 warning

CVE-2018-5027 warning

CVE-2018-5029 warning

CVE-2018-5031 warning

CVE-2018-5033 warning

CVE-2018-5035 warning

CVE-2018-5039 warning

CVE-2018-5044 warning

CVE-2018-5046 warning

CVE-2018-5047 warning

CVE-2018-5048 warning

CVE-2018-5049 warning

CVE-2018-5050 warning

CVE-2018-5051 warning

CVE-2018-5053 warning

CVE-2018-5054 warning

CVE-2018-5055 warning

CVE-2018-5056 warning

CVE-2018-5060 warning

CVE-2018-5061 warning

CVE-2018-5062 warning

CVE-2018-5063 warning

CVE-2018-5066 warning

CVE-2018-5068 warning

CVE-2018-12757 warning

CVE-2018-12761 warning

CVE-2018-12762 warning

CVE-2018-12763 warning

CVE-2018-12764 warning

CVE-2018-12765 warning

CVE-2018-12766 warning

CVE-2018-12767 warning

CVE-2018-12768 warning

CVE-2018-12774 warning

CVE-2018-12777 warning

CVE-2018-12779 warning

CVE-2018-12780 warning

CVE-2018-12781 warning

CVE-2018-12786 warning

CVE-2018-12789 warning

CVE-2018-12790 warning

CVE-2018-12795 warning

CVE-2018-5057 high

CVE-2018-12793 warning

CVE-2018-12794 high

CVE-2018-5012 high

CVE-2018-5030 high

CVE-2018-5034 high

CVE-2018-5037 high

CVE-2018-5043 high

CVE-2018-12784 critical

Solution

Upgrade to latest versionDownload Adobe Acrobat Reader DC

Download Adobe Acrobat DC

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

  • Acrobat DC Continuous earlier than 2018.011.20055Acrobat Reader DC Continuous earlier than 2018.011.20055Acrobat DC Classic 2017 earlier than 2017.011.30096Acrobat Reader DC Classic 2017 earlier than 2017.011.30096Acrobat DC Classic 2015 earlier than 2015.006.30434Acrobat Reader DC Classic 2015 earlier than 2015.006.30434

Related

nessus 4
openvas 12
trendmicroblog 1
adobe 1
nvd 33
prion 32
checkpoint_advisories 30
zdi 19
cve 31
cvelist 34
talos 1
srcincite 1
nessus
nessus
Adobe Reader <= 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-21)
2018-07-12 00:00:00
Adobe Reader < 15.006.30434 / 17.011.30096 / 18.011.20055 Multiple Vulnerabilities (APSB18-21) (macOS)
2018-07-12 00:00:00
Adobe Acrobat < 15.006.30434 / 17.011.30096 / 18.011.20055 Multiple Vulnerabilities (APSB18-21) (macOS)
2018-07-12 00:00:00
openvas
openvas
Adobe Acrobat DC (Continuous Track) Multiple Vulnerabilities (APSB18-21) - Windows
2018-07-12 00:00:00
Adobe Acrobat 2017 Multiple Vulnerabilities (APSB18-21) - Mac OS X
2018-07-12 00:00:00
Adobe Acrobat Reader DC (Continuous Track) Multiple Vulnerabilities (APSB18-21) - Mac OS X
2018-07-12 00:00:00
trendmicroblog
trendmicroblog
Zero-Day Coverage Update – Week of July 16, 2018
2018-07-20 15:24:42
adobe
adobe
APSB18-21 Security updates available for Adobe Acrobat and Reader
2018-07-10 00:00:00
nvd
nvd
CVE-2018-12798
2018-07-20 19:29:02
CVE-2018-12766
2018-07-20 19:29:00
CVE-2018-12796
2018-07-20 19:29:02
prion
prion
Double free
2018-07-20 19:29:00
Out-of-bounds
2018-07-20 19:29:00
Type confusion
2018-07-20 19:29:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Type Confusion (APSB18-21: CVE-2018-12793)
2018-07-10 00:00:00
Adobe Acrobat and Reader Use After Free (APSB18-21: CVE-2018-12796)
2018-07-10 00:00:00
Adobe Acrobat and Reader Out-of-bounds write (APSB18-21: CVE-2018-12755)
2018-07-10 00:00:00
zdi
zdi
Adobe Acrobat Pro DC HTML2PDF HTML Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2018-07-16 00:00:00
Adobe Acrobat Pro DC ImageConversion EMF EMR_ALPHABLEND Out-Of-Bounds Read Information Disclosure Vulnerability
2018-07-16 00:00:00
Adobe Acrobat Pro DC ImageConversion EMF EMR_ALPHABLEND Heap-based Buffer Overflow Remote Code Execution Vulnerability
2018-07-16 00:00:00
cve
cve
CVE-2018-12774
2018-07-20 19:29:01
CVE-2018-12792
2018-07-20 19:29:01
CVE-2018-12765
2018-07-20 19:29:00
cvelist
cvelist
CVE-2018-12789
2018-07-20 19:00:00
CVE-2018-12792
2018-07-20 19:00:00
CVE-2018-12766
2018-07-20 19:00:00
talos
talos
Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability
2018-07-10 00:00:00
srcincite
srcincite
SRC-2018-0022 : Adobe Acrobat Pro DC HTML2PDF HTML Parsing window getMatchedCSSRules Use-After-Free Remote Code Execution Vulnerability
2018-06-05 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.122 Low

EPSS

Percentile

95.4%

JSON
Related for KLA11283
nessus4openvas12trendmicroblog1adobe1nvd33prion32checkpoint_advisories30zdi19cve31cvelist34talos1srcincite1