[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2018-4879Date: (C)2018-03-03   (M)2024-02-26


An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that processes Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 9.8CVSS Score : 10.0
Exploit Score: 3.9Exploit Score: 10.0
Impact Score: 5.9Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: COMPLETE
Scope: UNCHANGEDIntegrity: COMPLETE
Confidentiality: HIGHAvailability: COMPLETE
Integrity: HIGH 
Availability: HIGH 
  
Reference:
BID-102994
SECTRACK-1040364
https://helpx.adobe.com/security/products/acrobat/apsb18-02.html

CPE    108
cpe:/a:adobe:acrobat_dc:15.006.30172::~~classic~~~
cpe:/a:adobe:acrobat_reader_dc:17.009.20044::~~continuous~~~
cpe:/a:adobe:acrobat_dc:15.006.30119::~~classic~~~
cpe:/a:adobe:acrobat_dc:15.010.20060::~~continuous~~~
...
CWE    1
CWE-787
OVAL    4
oval:org.secpod.oval:def:44104
oval:org.secpod.oval:def:44143
oval:org.secpod.oval:def:43922
oval:org.secpod.oval:def:43961
...

© SecPod Technologies