CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2018-5034 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-5034
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Acrobat y Reader 2018.011.20040 y anteriores, 2017.011.30080 y anteriores y 2015.006.30418 y anteriores, tienen una vulnerabilidad de errores en el búfer. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/104701 http://www.securitytracker.com/id/1041250 https://helpx.adobe.com/security/products/acrobat/apsb18-21.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 12%CPEs: 8EXPL: 0CVE-2018-5032 – Adobe Acrobat Pro DC ImageConversion EMF JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-5032
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Acrobat y Reader 2018.011.20040 y anteriores, 2017.011.30080 y anteriores y 2015.006.30418 y anteriores, tienen una vulnerabilidad de desbordamiento de memoria dinámica (heap). Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securitytracker.com/id/1041250 https://helpx.adobe.com/security/products/acrobat/apsb18-21.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2018-4995
https://notcve.org/view.php?id=CVE-2018-4995
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an XFA '\n' POST injection vulnerability. Successful exploitation could lead to a security bypass. Adobe Acrobat y Reader en versiones 2018.011.20038 y anteriores, 2017.011.30079 y anteriores y 2015.006.30417 y anteriores tienen una vulnerabilidad de inyección POST XFA '\n'. Su explotación con éxito podría resultar en una omisión de seguridad. • http://www.securitytracker.com/id/1040920 https://helpx.adobe.com/security/products/acrobat/apsb18-09.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2018-4983
https://notcve.org/view.php?id=CVE-2018-4983
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Acrobat y Reader en versiones 2018.011.20038 y anteriores, 2017.011.30079 y anteriores y 2015.006.30417 y anteriores tienen una vulnerabilidad de uso de memoria previamente liberada. Su explotación con éxito podría permitir la ejecución de código arbitrario en el contexto del usuario actual. • http://www.securityfocus.com/bid/104169 http://www.securitytracker.com/id/1040920 https://helpx.adobe.com/security/products/acrobat/apsb18-09.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2018-4959
https://notcve.org/view.php?id=CVE-2018-4959
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Acrobat y Reader en versiones 2018.011.20038 y anteriores, 2017.011.30079 y anteriores y 2015.006.30417 y anteriores tienen una vulnerabilidad de uso de memoria previamente liberada. Su explotación con éxito podría permitir la ejecución de código arbitrario en el contexto del usuario actual. • http://www.securityfocus.com/bid/104169 http://www.securitytracker.com/id/1040920 https://helpx.adobe.com/security/products/acrobat/apsb18-09.html • CWE-416: Use After Free •