CVE-2018-4966
published 2018-07-09CVE-2018-4966: Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability…
PriorityP353critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
15.98%
96.5th percentile
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat_dc | >= 15.006.30417 < 15.006.30418 | 15.006.30418 |
| adobe | acrobat_dc | >= 17.011.30079 < 17.011.30080 | 17.011.30080 |
| adobe | acrobat_dc | >= 18.011.20038 < 18.011.20040 | 18.011.20040 |
| adobe | acrobat_reader_dc | >= 15.006.30417 < 15.006.30418 | 15.006.30418 |
| adobe | acrobat_reader_dc | >= 17.011.30079 < 17.011.30080 | 17.011.30080 |
| adobe | acrobat_reader_dc | >= 18.011.20038 < 18.011.20040 | 18.011.20040 |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Checkpoint
25th December – Threat Intelligence Report
blogs_checkpoint·2023-12-25·CVSS 7.5
CVE-2023-4966 [HIGH] 25th December – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 25th December – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 25th December, please download our Threat_Intelligence Bulletin .
TOP ATTACKS AND BREACHES
Australia’s largest non-profit healthcare provider, St. Vincent’s Health Australia, experienced a cyberattack resulting in data theft from its networks. Vincent’s operates public and private hospitals, as well as elderly care facilities across New South Wales, Victoria, and Queensland, employing over 20,000 staff.
Xfin
Zscaler
Zscaler protects against 38 new vulnerabilities for Adobe Fl
blogs_zscaler
Zscaler protects against 38 new vulnerabilities for Adobe Fl
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
2018-07-09
Published