CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30434, 2017.011.30096, or 2018.011.20055. It is, therefore, affected by multiple vulnerabilities.
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-12782)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-12785, CVE-2018-12788, CVE-2018-12798, CVE-2018-5015, CVE-2018-5028, CVE-2018-5032, CVE-2018-5036, CVE-2018-5038, CVE-2018-5040, CVE-2018-5041, CVE-2018-5045, CVE-2018-5052, CVE-2018-5058, CVE-2018-5067)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-12756, CVE-2018-12770, CVE-2018-12772, CVE-2018-12773, CVE-2018-12776, CVE-2018-12783, CVE-2018-12791, CVE-2018-12792, CVE-2018-12796, CVE-2018-12797, CVE-2018-5009, CVE-2018-5011, CVE-2018-5065)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-12754, CVE-2018-12755, CVE-2018-12758, CVE-2018-12760, CVE-2018-12771, CVE-2018-12787, CVE-2018-5020, CVE-2018-5021, CVE-2018-5042, CVE-2018-5059, CVE-2018-5064, CVE-2018-5069, CVE-2018-5070)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Security Bypass vulnerability. Successful exploitation could lead to privilege escalation. (CVE-2018-12802)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. (CVE-2018-12757, CVE-2018-12761, CVE-2018-12762, CVE-2018-12763, CVE-2018-12764, CVE-2018-12765, CVE-2018-12766, CVE-2018-12767, CVE-2018-12768, CVE-2018-12774, CVE-2018-12777, CVE-2018-12779, CVE-2018-12780, CVE-2018-12781, CVE-2018-12786, CVE-2018-12789, CVE-2018-12790, CVE-2018-12795, CVE-2018-12803, CVE-2018-5010, CVE-2018-5014, CVE-2018-5016, CVE-2018-5017, CVE-2018-5018, CVE-2018-5019, CVE-2018-5022, CVE-2018-5023, CVE-2018-5024, CVE-2018-5025, CVE-2018-5026, CVE-2018-5027, CVE-2018-5029, CVE-2018-5031, CVE-2018-5033, CVE-2018-5035, CVE-2018-5039, CVE-2018-5044, CVE-2018-5046, CVE-2018-5047, CVE-2018-5048, CVE-2018-5049, CVE-2018-5050, CVE-2018-5051, CVE-2018-5053, CVE-2018-5054, CVE-2018-5055, CVE-2018-5056, CVE-2018-5060, CVE-2018-5061, CVE-2018-5062, CVE-2018-5063, CVE-2018-5066, CVE-2018-5068)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-12793, CVE-2018-12794, CVE-2018-5057)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-5012, CVE-2018-5030)
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-12784, CVE-2018-5034, CVE-2018-5037, CVE-2018-5043)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(207077);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/13");
script_cve_id(
"CVE-2018-5009",
"CVE-2018-5010",
"CVE-2018-5011",
"CVE-2018-5012",
"CVE-2018-5014",
"CVE-2018-5015",
"CVE-2018-5016",
"CVE-2018-5017",
"CVE-2018-5018",
"CVE-2018-5019",
"CVE-2018-5020",
"CVE-2018-5021",
"CVE-2018-5022",
"CVE-2018-5023",
"CVE-2018-5024",
"CVE-2018-5025",
"CVE-2018-5026",
"CVE-2018-5027",
"CVE-2018-5028",
"CVE-2018-5029",
"CVE-2018-5030",
"CVE-2018-5031",
"CVE-2018-5032",
"CVE-2018-5033",
"CVE-2018-5034",
"CVE-2018-5035",
"CVE-2018-5036",
"CVE-2018-5037",
"CVE-2018-5038",
"CVE-2018-5039",
"CVE-2018-5040",
"CVE-2018-5041",
"CVE-2018-5042",
"CVE-2018-5043",
"CVE-2018-5044",
"CVE-2018-5045",
"CVE-2018-5046",
"CVE-2018-5047",
"CVE-2018-5048",
"CVE-2018-5049",
"CVE-2018-5050",
"CVE-2018-5051",
"CVE-2018-5052",
"CVE-2018-5053",
"CVE-2018-5054",
"CVE-2018-5055",
"CVE-2018-5056",
"CVE-2018-5057",
"CVE-2018-5058",
"CVE-2018-5059",
"CVE-2018-5060",
"CVE-2018-5061",
"CVE-2018-5062",
"CVE-2018-5063",
"CVE-2018-5064",
"CVE-2018-5065",
"CVE-2018-5066",
"CVE-2018-5067",
"CVE-2018-5068",
"CVE-2018-5069",
"CVE-2018-5070",
"CVE-2018-12754",
"CVE-2018-12755",
"CVE-2018-12756",
"CVE-2018-12757",
"CVE-2018-12758",
"CVE-2018-12760",
"CVE-2018-12761",
"CVE-2018-12762",
"CVE-2018-12763",
"CVE-2018-12764",
"CVE-2018-12765",
"CVE-2018-12766",
"CVE-2018-12767",
"CVE-2018-12768",
"CVE-2018-12770",
"CVE-2018-12771",
"CVE-2018-12772",
"CVE-2018-12773",
"CVE-2018-12774",
"CVE-2018-12776",
"CVE-2018-12777",
"CVE-2018-12779",
"CVE-2018-12780",
"CVE-2018-12781",
"CVE-2018-12782",
"CVE-2018-12783",
"CVE-2018-12784",
"CVE-2018-12785",
"CVE-2018-12786",
"CVE-2018-12787",
"CVE-2018-12788",
"CVE-2018-12789",
"CVE-2018-12790",
"CVE-2018-12791",
"CVE-2018-12792",
"CVE-2018-12793",
"CVE-2018-12794",
"CVE-2018-12795",
"CVE-2018-12796",
"CVE-2018-12797",
"CVE-2018-12798",
"CVE-2018-12802",
"CVE-2018-12803"
);
script_name(english:"Adobe Reader < 2015.006.30434 / 2017.011.30096 / 2018.011.20055 Multiple Vulnerabilities (APSB18-21) (macOS)");
script_set_attribute(attribute:"synopsis", value:
"The version of Adobe Reader installed on the remote macOS host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30434, 2017.011.30096, or
2018.011.20055. It is, therefore, affected by multiple vulnerabilities.
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have a Double Free vulnerability. Successful exploitation could lead to arbitrary code
execution in the context of the current user. (CVE-2018-12782)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code
execution in the context of the current user. (CVE-2018-12785, CVE-2018-12788, CVE-2018-12798,
CVE-2018-5015, CVE-2018-5028, CVE-2018-5032, CVE-2018-5036, CVE-2018-5038, CVE-2018-5040, CVE-2018-5041,
CVE-2018-5045, CVE-2018-5052, CVE-2018-5058, CVE-2018-5067)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code
execution in the context of the current user. (CVE-2018-12756, CVE-2018-12770, CVE-2018-12772,
CVE-2018-12773, CVE-2018-12776, CVE-2018-12783, CVE-2018-12791, CVE-2018-12792, CVE-2018-12796,
CVE-2018-12797, CVE-2018-5009, CVE-2018-5011, CVE-2018-5065)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to
arbitrary code execution in the context of the current user. (CVE-2018-12754, CVE-2018-12755,
CVE-2018-12758, CVE-2018-12760, CVE-2018-12771, CVE-2018-12787, CVE-2018-5020, CVE-2018-5021,
CVE-2018-5042, CVE-2018-5059, CVE-2018-5064, CVE-2018-5069, CVE-2018-5070)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have a Security Bypass vulnerability. Successful exploitation could lead to privilege
escalation. (CVE-2018-12802)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to
information disclosure. (CVE-2018-12757, CVE-2018-12761, CVE-2018-12762, CVE-2018-12763, CVE-2018-12764,
CVE-2018-12765, CVE-2018-12766, CVE-2018-12767, CVE-2018-12768, CVE-2018-12774, CVE-2018-12777,
CVE-2018-12779, CVE-2018-12780, CVE-2018-12781, CVE-2018-12786, CVE-2018-12789, CVE-2018-12790,
CVE-2018-12795, CVE-2018-12803, CVE-2018-5010, CVE-2018-5014, CVE-2018-5016, CVE-2018-5017, CVE-2018-5018,
CVE-2018-5019, CVE-2018-5022, CVE-2018-5023, CVE-2018-5024, CVE-2018-5025, CVE-2018-5026, CVE-2018-5027,
CVE-2018-5029, CVE-2018-5031, CVE-2018-5033, CVE-2018-5035, CVE-2018-5039, CVE-2018-5044, CVE-2018-5046,
CVE-2018-5047, CVE-2018-5048, CVE-2018-5049, CVE-2018-5050, CVE-2018-5051, CVE-2018-5053, CVE-2018-5054,
CVE-2018-5055, CVE-2018-5056, CVE-2018-5060, CVE-2018-5061, CVE-2018-5062, CVE-2018-5063, CVE-2018-5066,
CVE-2018-5068)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code
execution in the context of the current user. (CVE-2018-12793, CVE-2018-12794, CVE-2018-5057)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead
to arbitrary code execution in the context of the current user. (CVE-2018-5012, CVE-2018-5030)
- Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and
earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code
execution in the context of the current user. (CVE-2018-12784, CVE-2018-5034, CVE-2018-5037,
CVE-2018-5043)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://helpx.adobe.com/security/products/acrobat/apsb18-21.html");
script_set_attribute(attribute:"solution", value:
"Upgrade to Adobe Reader version 2015.006.30434 / 2017.011.30096 / 2018.011.20055 or later.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-5070");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/10");
script_set_attribute(attribute:"patch_publication_date", value:"2018/07/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:adobe:acrobat_reader");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MacOS X Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("macosx_adobe_reader_installed.nasl");
script_require_keys("Host/local_checks_enabled", "Host/MacOSX/Version", "installed_sw/Adobe Reader");
exit(0);
}
include('vcf_extras.inc');
get_kb_item_or_exit('Host/local_checks_enabled');
os = get_kb_item('Host/MacOSX/Version');
if (empty_or_null(os)) audit(AUDIT_OS_NOT, 'Mac OS X');
var app_info = vcf::get_app_info(app:'Adobe Reader');
# vcf::adobe_reader::check_version_and_report will
# properly separate tracks when checking constraints.
# x.y.30zzz = DC Classic
# x.y.20zzz = DC Continuous
var constraints = [
{ 'min_version' : '15.6', 'max_version' : '15.006.30418', 'fixed_version' : '15.006.30434', 'track' : 'DC Classic' },
{ 'min_version' : '17.8', 'max_version' : '17.011.30080', 'fixed_version' : '17.011.30096', 'track' : 'DC Classic' },
{ 'min_version' : '15.7', 'max_version' : '18.011.20040', 'fixed_version' : '18.011.20055', 'track' : 'DC Continuous' }
];
vcf::adobe_acrobat::check_version_and_report(
app_info:app_info,
constraints:constraints,
max_segs:3,
severity:SECURITY_HOLE
);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12754
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12755
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12756
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12757
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12760
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12761
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12762
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12763
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12764
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12765
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12766
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12768
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12770
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12771
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12777
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12779
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12781
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12782
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12785
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12786
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12787
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12792
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12793
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12794
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12795
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12797
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5009
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5010
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5011
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5012
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5014
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5015
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5017
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5018
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5021
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5022
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5023
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5024
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5026
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5027
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5028
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5029
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5030
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5031
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5032
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5033
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5034
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5035
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5036
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5037
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5038
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5039
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5041
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5042
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5043
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5044
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5045
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5046
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5047
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5048
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5049
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5051
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5052
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5054
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5056
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5057
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5058
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5059
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5060
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5061
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5062
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5063
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5064
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5066
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5067
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5068
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5069
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5070
helpx.adobe.com/security/products/acrobat/apsb18-21.html
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High