CVE-2018-15924
published 2018-10-12CVE-2018-15924: Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability…
high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat_dc | 15.006.30060 – 15.006.30452 | — |
| adobe | acrobat_dc | 15.008.20082 – 18.011.20063 | — |
| adobe | acrobat_dc | 17.011.30059 – 17.011.30102 | — |
| adobe | acrobat_reader_dc | 15.006.30060 – 15.006.30452 | — |
| adobe | acrobat_reader_dc | 15.008.20082 – 18.011.20063 | — |
| adobe | acrobat_reader_dc | 17.011.30059 – 17.011.30102 | — |
| adobe | adobe_acrobat_and_reader | — | — |
No detection rules found.
No public exploits indexed.
Unit42
Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
blogs_unit42·2018-10-05·CVSS 7.8
CVE-2018-12769 [HIGH] Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered ten vulnerabilities addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their October 2018 APSB18-30 security update release.
CVE
Vulnerability Category
Impact
Maximum Severity Rating
Researcher(s)
CVE-2018-12769
Use After Free
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-12832
Heap Overflow
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-12836
Heap Overflow
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-12846
Heap Overflow
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-15920
Use After Free
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-15924
Use After Free
Arbitrary Code Execution
Critica
Unit42
Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
blogs_unit42·2018-10-05·CVSS 7.8
[HIGH] Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
## Unit 42 Vulnerability Research October 2018 Disclosures – Adobe
Unit 42
Published: October 5, 2018
Threat Research
Vulnerabilities
Adobe
As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered ten vulnerabilities addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their October 2018 APSB18-30 security update release .
CVE
Vulnerability Category
Impact
Maximum Severity Rating
Researcher(s)
CVE-2018-12769
Use After Free
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-12832
Heap Overflow
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-12836
Heap Overflow
Arbitrary Code Execution
Critical
Gal De Leon
CVE-2018-12846
Heap Overflow
Arbitrary Code Execu
2018-10-12
Published