CVE-2018-12874
published 2018-10-12CVE-2018-12874: Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read…
medium5.5CVSS 3.0
AVLACLPRNUIRSUCHINAN
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat_dc | 15.006.30060 – 15.006.30452 | — |
| adobe | acrobat_dc | 15.008.20082 – 18.011.20063 | — |
| adobe | acrobat_dc | 17.011.30059 – 17.011.30102 | — |
| adobe | acrobat_reader_dc | 15.006.30060 – 15.006.30452 | — |
| adobe | acrobat_reader_dc | 15.008.20082 – 18.011.20063 | — |
| adobe | acrobat_reader_dc | 17.011.30059 – 17.011.30102 | — |
| adobe | adobe_acrobat_and_reader | — | — |
| videolan | vlc_media_player | >= 0 < 3.0.7.1-0ubuntu18.04.1 | 3.0.7.1-0ubuntu18.04.1 |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
osv9.1CRITICAL
GHSA
GHSA-x4m3-5762-4q47: Adobe Acrobat and Reader versions 2018
ghsa_unreviewed·2022-05-13
CVE-2018-12874 [MEDIUM] CWE-125 GHSA-x4m3-5762-4q47: Adobe Acrobat and Reader versions 2018
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
OSV
vlc vulnerabilities
osv·2019-07-25·CVSS 9.1
CVE-2018-19857 vlc vulnerabilities
vlc vulnerabilities
It was discovered that the VLC CAF demuxer incorrectly handled certain
files. If a user were tricked into opening a specially-crafted CAF file, a
remote attacker could use this issue to cause VLC to crash, resulting in a
denial of service. This issue only affected Ubuntu 18.04 LTS.
(CVE-2018-19857)
It was discovered that the VLC Matroska demuxer incorrectly handled certain
files. If a user were tricked into opening a specially-crafted MKV file, a
remote attacker could use this issue to cause VLC to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2019-12874)
It was discovered that the VLC MP4 demuxer incorrectly handled certain
files. If a user were tricked into opening a specially-crafted MP4 file, a
remote attacker could use this is
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/105439http://www.securitytracker.com/id/1041809https://helpx.adobe.com/security/products/acrobat/apsb18-30.htmlhttps://research.checkpoint.com/2018/50-adobe-cves-in-50-days/http://www.securityfocus.com/bid/105439http://www.securitytracker.com/id/1041809https://helpx.adobe.com/security/products/acrobat/apsb18-30.htmlhttps://research.checkpoint.com/2018/50-adobe-cves-in-50-days/
2018-10-12
Published