6 matches found
Temporary Patch Released For Adobe Reader Zero-Day
A temporary patch has been released to address a zero-day vulnerability in Adobe Reader that could enable bad actors to steal victims’ hashed password values, known as “NTLM hashes.” 0patch on Monday released a micropatch for the flaw, found in Adobe Reader DC. The vulnerability, which has no...
Adobe Acrobat Reader DC JSON Stringify Remote Code Execution Vulnerability
Summary A specific JavaScript code embedded in a PDF file can lead to a use-after-free condition when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim...
CVE-2018-4993
Adobe Acrobat/Reader affected versions: 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier. The CVE-2018-4993 entry documents an NTLM SSO hash theft vulnerability that could lead to information disclosure upon successful exploitation. Connected documents also d...
Adobe Acrobat 2017 Security Updates (APSB18-09) - Windows
Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...
Adobe Acrobat 2017 Security Updates (APSB18-09) - Mac OS X
Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...
Multiple PDF readers NTLMv2 Credential Theft (CVE-2018-4993)
A data leakage vulnerability exists in Multiple PDF readers. A remote attacker can exploit this vulnerability by enticing the target user to open a specially crafted PDF file. Successful results in leakage of the affected user's Net-NTLM credentials...