cbcvebase.
CVE-2018-4987
published 2018-07-09

CVE-2018-4987: Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted pointer dereference…

PriorityP349critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
13.90%
96.1th percentile
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Affected

6 ranges
VendorProductVersion rangeFixed in
adobeacrobat_dc15.006.30060 – 15.006.30417
adobeacrobat_dc15.008.20082 – 18.011.20038
adobeacrobat_dc17.011.30059 – 17.011.30079
adobeacrobat_reader_dc15.006.30060 – 15.006.30417
adobeacrobat_reader_dc15.008.20082 – 18.011.20038
adobeacrobat_reader_dc17.011.30059 – 17.011.30079

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.