Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-12754

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Published

2018-07-20T19:29:00.227

Last Modified

2024-11-21T03:45:44.350

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-787
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application adobe acrobat_dc ≤ 15.006.30418 Yes
Application adobe acrobat_dc ≤ 18.011.20040 Yes
Application adobe acrobat_dc ≤ 17.011.30080 Yes
Application adobe acrobat_reader_dc ≤ 15.006.30418 Yes
Application adobe acrobat_reader_dc ≤ 18.011.20040 Yes
Application adobe acrobat_reader_dc ≤ 17.011.30080 Yes
Operating System apple mac_os_x - No
Operating System microsoft windows - No
References