Lucene search
Sebastian Apelt (@bitshifter123)ZDI-18-1400HistoryDec 12, 2018 - 12:00 a.m.
Adobe Reader DC Onix32 Untrusted Pointer Dereference Remote Code Execution Vulnerability
2018-12-1200:00:00
Sebastian Apelt (@bitshifter123)
www.zerodayinitiative.com
12
EPSS
0.005
Percentile
76.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of index files within Onix32.dll. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
prion
prion
Null pointer dereference
2019-01-18 17:29:00
cve
cve
CVE-2018-19720
2019-01-18 17:29:45
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2018-19720
2019-01-18 17:00:00
nvd
nvd
CVE-2018-19720
2019-01-18 17:29:45
openvas
openvas
Adobe Reader 2017 Security Updates (APSB18-41) - Mac OS X
2018-12-13 00:00:00
Adobe Reader 2017 Security Updates (APSB18-41) - Windows
2018-12-13 00:00:00
Adobe Acrobat DC (Classic Track) Security Updates (APSB18-34) - Windows
2018-12-13 00:00:00
nessus
nessus
kaspersky
kaspersky
KLA11390 Multiple vulnerabilities in Adobe Acrobat and Reader
2018-12-11 00:00:00
adobe
adobe
APSB18-41 Security Updates Available for Adobe Acrobat and Reader
2018-12-11 00:00:00