Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 27/02/2018 Updated: 16/03/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An issue exists in Adobe Acrobat Reader 2018.009.20050 and previous versions versions, 2017.011.30070 and previous versions versions, 2015.006.30394 and previous versions versions. This vulnerability is an instance of a use after free vulnerability. The vulnerability is triggered by a crafted PDF file that can cause a memory access violation exception in the XFA engine because of a dangling reference left as a consequence of freeing an object in the computation that manipulates internal nodes in a graph representation of a document object model used in XFA. Successful exploitation could lead to arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe acrobat dc
adobe acrobat reader dc
adobe acrobat reader
adobe acrobat

CWE-416 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html http://www.securitytracker.com/id/1040364 http://www.securityfocus.com/bid/102995 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-4888

Vulnerability Summary

References

Vulmon Search

About

Products

Connect