CVE-2018-4887 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4887
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the Unicode mapping module that is invoked when processing Enhanced Metafile Format (EMF) data (during image conversion). A successful attack can lead to sensitive data exposure. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. Esta vulnerabilidad ocurre como resultado de un cálculo que lee datos más allá del final del búfer objetivo; el cálculo forma parte del módulo de mapeo Unicode que se invoca cuando se procesan datos Enhanced Metafile Format (durante la conversión de imágenes). • http://www.securityfocus.com/bid/102996 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-125: Out-of-bounds Read •
CVE-2018-4910 – Adobe Acrobat Pro DC OCG setIntent Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4910
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file with crafted JavaScript code that manipulates the optional content group (OCG). A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. • http://www.securityfocus.com/bid/102992 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-787: Out-of-bounds Write •
CVE-2018-4913 – Adobe Acrobat Pro DC XFA picture Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4913
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the XFA engine, related to DOM manipulation. The vulnerability is triggered by crafted XFA script definitions in a PDF file. Successful exploitation could lead to arbitrary code execution. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. • http://www.securityfocus.com/bid/102995 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html https://www.zerodayinitiative.com/advisories/ZDI-18-176 • CWE-416: Use After Free •
CVE-2018-4912 – Adobe Acrobat Pro DC ImageConversion JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4912
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles JPEG 2000 data. A successful attack can lead to sensitive data exposure. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. Esta vulnerabilidad ocurre como resultado de un cálculo que lee datos más allá del final del búfer objetivo; el cálculo forma parte del módulo de conversión de imágenes que analiza datos JPEG 2000. • http://www.securityfocus.com/bid/102996 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-125: Out-of-bounds Read •
CVE-2018-4905 – Adobe Acrobat Pro DC ImageConversion XPS TIFF YCbCrCoefficients Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4905
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of TIFF processing within the XPS module. A successful attack can lead to sensitive data exposure. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. Esta vulnerabilidad ocurre como resultado de un cálculo que lee datos más allá del final del búfer objetivo; el cálculo forma parte del procesamiento TIFF en el módulo XPS. • http://www.securityfocus.com/bid/102996 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html https://www.zerodayinitiative.com/advisories/ZDI-18-171 • CWE-125: Out-of-bounds Read •