Korean
<< Back
VID 50213
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The version of Adobe Acrobat installed on the remote Windows host is affected by multiple vulnerabilities.

Description
The version of Adobe Acrobat installed on the remote Windows host is a version prior or equal to 2015.006.30461, 2017.011.30110, or 2019.010.20064. It is, therefore, affected by multiple vulnerabilities:

- An unspecified use after free vulnerability. An authenticated, local attacker can exploit this to execute arbitrary code. (CVE-2018-16011)

- An unspecified elevation of privilege vulnerability. An authenticated, local attacker can exploit this to gain elevated privileges. (CVE-2018-16018)

* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these conditions will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
https://helpx.adobe.com/security/products/acrobat/apsb19-02.html

* Platforms Affected:
Adobe Acrobat versions prior to 2017.011.30110
Microsoft Windows Any version
Linux Any version
Recommendation Upgrade to the latest version of Adobe Acrobat (2017.011.30113 or later), as described in the Adobe Security bulletin at https://helpx.adobe.com/security/products/acrobat/apsb19-02.html
Related URL CVE-2018-16011,CVE-2018-16018 (CVE)
Related URL (SecurityFocus)
Related URL (ISS)