Published: 09/07/2018 Updated: 21/08/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 447

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Adobe Acrobat and Reader versions 2018.011.20038 and previous versions, 2017.011.30079 and previous versions, and 2015.006.30417 and previous versions have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe acrobat_reader_dc
adobe acrobat_dc

Bad-Pdf Bad-PDF create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file Bad-Pdf reads the NTLM hashes using Responder listener This method work on all PDF readers(Any version) most of the EDR/Endpoint solution fail to detect this attack Reference : res

POC Files for CVE-2019-17497

CVE-2019-17497 CVE Details PDF-XChange Editor before 803300 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files (a related issue to CVE-2018-4993) For example, an NTLM hash is sent for a link to \attackerloca\C$\eeepdf without user interaction Original Writeup Since the original writeup didn't include the POC as files, I recreated them myself

Bad-Pdf Bad-PDF create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file Bad-Pdf reads the NTLM hashes using Responder listener This method work on all PDF readers(Any version) most of the EDR/Endpoint solution fail to detect this attack Reference : res

Steal Net-NTLM Hash using Bad-PDF

Bad-Pdf Bad-PDF create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file Bad-Pdf reads the NTLM hashes using Responder listener This method work on all PDF readers(Any version) most of the EDR/Endpoint solution fail to detect this attack Reference : res

Bad-Pdf Bad-PDF create malicious PDF file to steal NTLM(NTLMv1/NTLMv2) Hashes from windows machines, it utilize vulnerability disclosed by checkpoint team to create the malicious PDF file Bad-Pdf reads the NTLM hashes using Responder listener This method will owkr on most of the EDR/Endpoint solution fail to detect this attack Reference : researchcheckpointcom/ntlm

Lantern Shark is a static file analyzer written in HTML and Javascript.

Lantern Shark Lantern Shark is a file analyzer written in HTML and JavaScript It can extract metadata and embedded script code from multiple file types It also attempts to identify suspicious and malicious attributes of various file types A live demo of this project can be viewed here Additional Features Deobfuscation of extracted scripts via inserted comments Look for th

How many ways can a PDF mess up your PC? 47 in this Adobe update alone

The Register • Shaun Nichols in San Francisco • 14 May 2018

Tons of critical fixes for Reader, Acrobat and Photoshop Adobe: Two critical Flash security bugs fixed for the price of one

Adobe has posted security updates for Acrobat, Reader, and Photoshop, many of them critical fixes. The developer says the Acrobat and Reader update will address a total of 47 CVE-listed vulnerabilities, including two dozen remote code execution flaws in the PDF readers. Adobe notes that none of the bugs are being actively targeted yet. Of those 47 CVE entries, 13 are for use-after-free remote code execution bugs, while another seven allow remote code execution via heap overflow errors. The remai...

CVE-2018-4993

Vulnerability Summary

Vulnerability Trend

Github Repositories

Recent Articles

References

Vulmon Search

About

Products

Connect