4.3
CVSSv2

CVE-2018-15932

Published: 12/10/2018 Updated: 24/02/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

Adobe Acrobat and Reader versions 2018.011.20063 and previous versions, 2017.011.30102 and previous versions, and 2015.006.30452 and previous versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Vulnerability Trend

Affected Products

Vendor Product Versions
AdobeAcrobat Dc15.006.30060, 15.006.30094, 15.006.30096, 15.006.30097, 15.006.30119, 15.006.30121, 15.006.30172, 15.006.30173, 15.006.30174, 15.006.30198, 15.006.30201, 15.006.30243, 15.006.30244, 15.006.30279, 15.006.30280, 15.006.30306, 15.006.30352, 15.006.30354, 15.006.30355, 15.006.30392, 15.006.30394, 15.006.30413, 15.006.30416, 15.006.30417, 15.006.30418, 15.006.30434, 15.006.30448, 15.006.30452, 15.008.20082, 15.009.20069, 15.009.20071, 15.009.20077, 15.009.20079, 15.010.20056, 15.010.20059, 15.010.20060, 15.016.20039, 15.016.20041, 15.016.20045, 15.017.20050, 15.017.20053, 15.020.20039, 15.020.20042, 15.023.20053, 15.023.20056, 15.023.20070, 17.000.0000, 17.009.20044, 17.009.20058, 17.011.30059, 17.011.30065, 17.011.30066, 17.011.30068, 17.011.30070, 17.011.30078, 17.011.30079, 17.011.30080, 17.011.30096, 17.011.30099, 17.011.30102, 17.012.20093, 17.012.20095, 17.012.20096, 17.012.20098, 18.009.20044, 18.009.20050, 18.011.20038, 18.011.20040, 18.011.20055, 18.011.20058, 18.011.20063
AdobeAcrobat Reader Dc15.006.30060, 15.006.30094, 15.006.30096, 15.006.30097, 15.006.30119, 15.006.30121, 15.006.30172, 15.006.30173, 15.006.30174, 15.006.30198, 15.006.30201, 15.006.30243, 15.006.30244, 15.006.30279, 15.006.30280, 15.006.30306, 15.006.30352, 15.006.30354, 15.006.30355, 15.006.30392, 15.006.30394, 15.006.30416, 15.006.30417, 15.006.30418, 15.006.30434, 15.006.30448, 15.006.30452, 15.008.20082, 15.009.20069, 15.009.20071, 15.009.20077, 15.009.20079, 15.010.20056, 15.010.20059, 15.010.20060, 15.016.20039, 15.016.20041, 15.016.20045, 15.017.20050, 15.017.20053, 15.020.20039, 15.020.20042, 15.023.20053, 15.023.20056, 15.023.20070, 17.000.0000, 17.009.20044, 17.009.20058, 17.011.30059, 17.011.30065, 17.011.30066, 17.011.30068, 17.011.30070, 17.011.30078, 17.011.30079, 17.011.30080, 17.011.30096, 17.011.30099, 17.011.30102, 17.012.20093, 17.012.20095, 17.012.20098, 18.009.20044, 18.009.20050, 18.011.20038, 18.011.20040, 18.011.20055, 18.011.20063

Vendor Advisories

<!-- version component --> Security bulletin for Adobe Acrobat and Reader | APSB18-30 Semantic table{width:100%} Semantic table th{border:0px; font-size:13px; font-weight: 300; vertical-align: top; padding-left: 8px; background-color: #EFEFEF;} Semantic table td{border:0px; font-size:13px; font-weight: ...

Github Repositories

My little changes Inspired shell-stormorg/blog/In-Memory-fuzzing-with-Pin/ Many of applications can not be fuzzed through traditional AFL approach For example windows services require initial procedure In same time WINAFL not deliver fuzz data into target process It makes the tested application through stdin/readfile or sockets However, firstly, it is a bit slow met

WinAFL Original AFL code written by Michal Zalewski &lt;lcamtuf@googlecom&gt; Windows fork written and maintained by Ivan Fratric &lt;ifratric@googlecom&gt; Copyright 2016 Google Inc All Rights Reserved Licensed under the Apache License, Version 20 (the "License"); you may not use this file except in compliance with the License

WinAFL Original AFL code written by Michal Zalewski &lt;lcamtuf@googlecom&gt; Windows fork written and maintained by Ivan Fratric &lt;ifratric@googlecom&gt; Copyright 2016 Google Inc All Rights Reserved Licensed under the Apache License, Version 20 (the "License"); you may not use this file except in compliance with the License

my changes to winafl