KLA11252 Multiple vulnerabilities in Adobe Acrobat and Acrobat Reader

Multiple serious vulnerabilities have been found in Adobe Acrobat and Acrobat Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and bypass security restrictions. Below is a complete list of vulnerabilities:

1. A double free vulnerability can be exploited remotely via specially crafted JPEG2000 image to execute arbitrary code;
2. Multiple heap buffer overflow vulnerabilities can be exploited remotely to execute arbitrary code;
3. Multiple use-after-free vulnerabilities can be exploited remotely to execute arbitrary code;
4. An out-of-bounds write vulnerability can be exploited remotely to execute arbitrary code;
5. A security bypass vulnerability can be exploited remotely to obtain sensitive information;
6. Multiple out-of-bounds read vulnerabilities can be exploited remotely to obtain sensitive information;
7. A type confusion vulnerability can be exploited remotely to execute arbitrary code;
8. An untrusted pointer dereference vulnerability can be exploited remotely to execute arbitrary code;
9. A memory corruption vulnerability can be exploited remotely to obtain sensitive information;
10. A NTLM SSO hash theft vulnerability can be exploited remotely to obtain sensitive information;
11. A HTTP POST new line injection vulnerability can be exploited remotely via XFA submission to bypass security restrictions;

Original advisories

APSB18-09

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Adobe-Acrobat

Adobe-Acrobat-Reader-DC-Continuous

Adobe-Acrobat-Reader-DC-Classic

Adobe-Acrobat-DC-Continuous

Adobe-Acrobat-DC-Classic

Adobe-Acrobat-Reader-2017

Adobe-Acrobat-2017

Adobe-Acrobat-Reader

CVE list

CVE-2018-4990 critical

CVE-2018-4947 critical

CVE-2018-4948 critical

CVE-2018-4966 critical

CVE-2018-4968 critical

CVE-2018-4978 critical

CVE-2018-4982 critical

CVE-2018-4984 critical

CVE-2018-4996 critical

CVE-2018-4952 critical

CVE-2018-4954 critical

CVE-2018-4958 critical

CVE-2018-4959 critical

CVE-2018-4961 critical

CVE-2018-4971 critical

CVE-2018-4974 critical

CVE-2018-4977 critical

CVE-2018-4980 critical

CVE-2018-4983 critical

CVE-2018-4988 critical

CVE-2018-4989 critical

CVE-2018-4950 critical

CVE-2018-4979 high

CVE-2018-4949 critical

CVE-2018-4951 high

CVE-2018-4955 critical

CVE-2018-4956 critical

CVE-2018-4957 critical

CVE-2018-4960 critical

CVE-2018-4962 critical

CVE-2018-4963 critical

CVE-2018-4964 critical

CVE-2018-4967 critical

CVE-2018-4969 critical

CVE-2018-4970 critical

CVE-2018-4972 high

CVE-2018-4973 critical

CVE-2018-4975 critical

CVE-2018-4976 critical

CVE-2018-4981 critical

CVE-2018-4986 critical

CVE-2018-4985 critical

CVE-2018-4953 critical

CVE-2018-4987 critical

CVE-2018-4965 critical

CVE-2018-4993 critical

CVE-2018-4995 critical

CVE-2018-12812 critical

CVE-2018-12815 critical

Solution

Upgrade to latest versionDownload Adobe Acrobat Reader DC

Download Adobe Acrobat DC

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

• Adobe Acrobat DC earlier than 2018.011.20040Adobe Acrobat Reader DC earlier than 2018.011.20040Adobe Acrobat 2017 earlier than 2017.011.30080Adobe Acrobat Reader 2017 earlier than 2017.011.30080Adobe Acrobat DC (Classic 2015) earlier than 2015.006.30418Adobe Acrobat Reader DC (Classic 2015) earlier than 2015.006.30418