Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
talosblog[email protected] (Warren Mercer)TALOSBLOG:E89C3607ED6143C88E65B06729E1F294
HistoryJul 10, 2018 - 10:31 a.m.

Vulnerability Spotlight: Multiple Adobe Acrobat DC Remote Code Execution Vulnerabilties

2018-07-1010:31:00
[email protected] (Warren Mercer)
feedproxy.google.com
29

0.022 Low

EPSS

Percentile

88.1%

JSON

Discovered by Aleksandar Nikolic of Cisco Talos

Overview

Today, Talos is releasing details of new vulnerabilities within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big user base, is usually a default PDF reader on systems and integrates into web browsers as a plugin for rendering PDFs. As such, tricking a user into visiting a malicious web page or sending a specially crafted email attachment can be enough to trigger these vulnerabilities.

TALOS-2018-0569 - Adobe Acrobat Reader DC Collab.drivers Remote Code Execution Vulnerability (CVE-2018-12812)

A specific JavaScript code embedded in a PDF file can lead to an object type confusion when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file or access a malicious web page. Detailed vulnerability information can be found here.

TALOS-2018-0590 - Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability (CVE-2018-12756)

A specific JavaScript code embedded in a PDF file can lead to an object type confusion when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, victim would need to open the malicious file or access a malicious web page. Detailed vulnerability information can be found here.

TALOS-2018-0592 - Adobe Acrobat Reader DC JSON Stringify Remote Code Execution Vulnerability (CVE-2018-12815)

A specific JavaScript code embedded in a PDF file can lead to a use-after-free condition when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, victim would need to open the malicious file or access a malicious web page. Detailed vulnerability information can be found here.

Known vulnerable versions

Adobe Acrobat Reader DC 2018.011.20038

Coverage

The following Snort Rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your FireSIGHT Management Center or Snort.org.

Snort Rules: 46292-46293, 46550-46551, 46634-46635

Related

checkpoint_advisories 3
prion 3
talos 3
cve 3
adobe 3
openvas 20
nessus 8
trendmicroblog 1
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat Reader DC Collab Remote Code Execution (CVE-2018-12812)
2018-07-15 00:00:00
Adobe Acrobat and Reader Use After Free (APSB18-21: CVE-2018-12756)
2018-07-10 00:00:00
Adobe Acrobat and Reader Use After Free (APSB18-09 : CVE-2018-12815)
2018-07-15 00:00:00
prion
prion
Double free
2018-07-20 19:29:00
Type confusion
2018-07-20 19:29:00
Double free
2018-07-20 19:29:00
talos
talos
Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability
2018-07-10 00:00:00
Adobe Acrobat Reader DC Collab.drivers Remote Code Execution Vulnerability
2018-07-10 00:00:00
Adobe Acrobat Reader DC JSON Stringify Remote Code Execution Vulnerability
2018-07-10 00:00:00
cve
cve
CVE-2018-12756
2018-07-20 19:29:00
CVE-2018-12815
2018-07-20 19:29:00
CVE-2018-12812
2018-07-20 19:29:00
adobe
adobe
APSB18-27 Security update available for Adobe Digital Editions
2018-10-09 00:00:00
APSB18-09 Security Updates Available for Adobe Acrobat and Reader
2018-05-14 00:00:00
APSB18-21 Security updates available for Adobe Acrobat and Reader
2018-07-10 00:00:00
openvas
openvas
Adobe Acrobat 2017 Security Updates (APSB18-09) - Mac OS X
2018-05-15 00:00:00
Adobe Acrobat DC (Classic Track) Security Updates (APSB18-09) - Mac OS X
2018-05-15 00:00:00
Adobe Reader DC (Classic Track) Security Updates (APSB18-09) - Windows
2018-05-15 00:00:00
nessus
nessus
Adobe Acrobat < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09)
2018-05-17 00:00:00
Adobe Reader < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09) (macOS)
2018-05-17 00:00:00
Adobe Acrobat < 2015.006.30418 / 2017.011.30080 / 2018.011.20040 Multiple Vulnerabilities (APSB18-09) (macOS)
2018-05-17 00:00:00
trendmicroblog
trendmicroblog
Zero-Day Coverage Update – Week of July 16, 2018
2018-07-20 15:24:42

0.022 Low

EPSS

Percentile

88.1%

JSON
Related for TALOSBLOG:E89C3607ED6143C88E65B06729E1F294
checkpoint_advisories3prion3talos3cve3adobe3openvas20nessus8trendmicroblog1