| VID |
50222 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2015.006.30417, 2017.011.30079, or 2018.011.20038. It is, therefore, affected by multiple vulnerabilities.
- Adobe Reader have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-4990)
- Adobe Reader have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure. (CVE-2018-4993)
- Adobe Reader have an XFA '\n' POST injection vulnerability. Successful exploitation could lead to a security bypass.. (CVE-2018-4995)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these conditions will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://helpx.adobe.com/security/products/acrobat/apsb18-09.html
* Platforms Affected:
Adobe Reader versions prior to 2017.011.30079
Microsoft Windows Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of Adobe Reader (2017.011.30080 or later), as described in the Adobe Security bulletin at https://helpx.adobe.com/security/products/acrobat/apsb18-09.html |
| Related URL |
CVE-2018-4990,CVE-2018-4993,CVE-2018-4995,CVE-2018-4996,CVE-2018-12812,CVE-2018-12815,CVE-2018-4947,CVE-2018-4948,CVE-2018-4949 (CVE) |
| Related URL |
104102,104167,104168,104169,104171,104172,104173,104174,104175,104176,104177 (SecurityFocus) |
| Related URL |
(ISS) |
|
