Integer Overflow Vulnerability in Adobe Acrobat and Reader
CVE-2018-15986

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Acrobat Dc; Acrobat Reader Dc
Vendor: CVE Published:; 18 January 2019

What is CVE-2018-15986?

Adobe Acrobat and Reader contain an integer overflow vulnerability that can lead to potential information disclosure. Attackers may exploit this vulnerability by crafting malicious files that, when opened, can trigger the overflow condition, ultimately revealing sensitive information to unauthorized parties.

References

https://helpx.adobe.com/security/products/acrobat/apsb18-...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/106160

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2019
Vulnerability Reserved
Aug 28, 2018