Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
CVE-2018-4997
8.8HIGH
Key Information:
- Vendor
- Adobe
- Vendor
- CVE Published:
- 9 July 2018
Summary
Adobe Acrobat and Reader are affected by an out-of-bounds write vulnerability that arises from insufficient validation in the handling of user-supplied data. If exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current user, potentially leading to data compromise or system control. It is crucial for users of affected versions to apply security updates to mitigate the risks associated with this vulnerability.
Affected Version(s)
Adobe Acrobat and Reader 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier Adobe Acrobat and Reader 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier versions
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved