VID 50218
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The version of Adobe Reader installed on the remote Windows host is prior to or equal to 2015.006.30394, 2017.011.30070, or 2018.009.20050. It is, therefore, affected by multiple vulnerabilities.

- The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of the document identity representation. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. (CVE-2018-4901)

- This vulnerability is an instance of a use after free vulnerability in the rendering engine. The vulnerability is triggered by a crafted PDF file containing a video annotation (and corresponding media files) that is activated by the embedded JavaScript. Successful exploitation could lead to arbitrary code execution. (CVE-2018-4902)

- This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TIFF processing within the XPS module. A successful attack can lead to sensitive data exposure. (CVE-2018-4903)

* Note: This check requires an account with administrative privileges that can log in to the host being scanned. If these conditions are not met, the check is not performed, which results in a False Negative for all vulnerable hosts.

* References:
https://helpx.adobe.com/security/products/acrobat/apsb18-02.html

* Platforms Affected:
Adobe Reader versions prior to 2015.006.30394
Microsoft Windows Any version
Linux Any version
Recommendation Upgrade to the latest version of Adobe Reader (2015.006.30413 or later), as described in the Adobe Security bulletin at https://helpx.adobe.com/security/products/acrobat/apsb18-02.html
Related URL CVE-2018-4901,CVE-2018-4902,CVE-2018-4903,CVE-2018-4904,CVE-2018-4905,CVE-2018-4906,CVE-2018-4907,CVE-2018-4908,CVE-2018-4909,CVE-2018-4910 (CVE)
Related URL 102992,102993,102994,102995,102996 (SecurityFocus)