Use After Free Vulnerability in Adobe Acrobat Reader
CVE-2018-4911
Key Information:
- Vendor
- Adobe
- Vendor
- CVE Published:
- 27 February 2018
Summary
A use after free vulnerability was identified in Adobe Acrobat Reader affecting specific versions. This flaw arises within the JavaScript API related to the bookmark functionality and can be exploited through specially crafted JavaScript code embedded in PDF files. Attackers can potentially exploit this vulnerability to achieve code corruption, control-flow hijacking, or execute code reuse attacks, posing significant risks to users' systems.
Affected Version(s)
Adobe Acrobat Reader 2018.009.20050 and earlier , 2017.011.30070 and earlier , 2015.006.30394 and earlier Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions
References
EPSS Score
6% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved