Korean
<< Back
VID 50223
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description The version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2015.006.30417, 2017.011.30079, or 2018.011.20038. It is, therefore, affected by multiple vulnerabilities.

- Adobe Reader have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. (CVE-2018-4990)

- Adobe Reader have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure. (CVE-2018-4993)

- Adobe Reader have an XFA '\n' POST injection vulnerability. Successful exploitation could lead to a security bypass.. (CVE-2018-4995)

* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these conditions will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
https://helpx.adobe.com/security/products/acrobat/apsb18-09.html

* Platforms Affected:
Adobe Reader versions prior to 2018.011.20038
Microsoft Windows Any version
Linux Any version
Recommendation Upgrade to the latest version of Adobe Reader (2018.011.20040 or later), as described in the Adobe Security bulletin at https://helpx.adobe.com/security/products/acrobat/apsb18-09.html
Related URL CVE-2018-4990,CVE-2018-4993,CVE-2018-4995,CVE-2018-4996,CVE-2018-12812,CVE-2018-12815,CVE-2018-4947,CVE-2018-4948,CVE-2018-4949 (CVE)
Related URL 104102,104167,104168,104169,104171,104172,104173,104174,104175,104176,104177 (SecurityFocus)
Related URL (ISS)