CVE-2018-4883 – Adobe Acrobat Pro DC ImageConversion EMF EMR_EXTTEXTOUTA Options Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4883
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs because of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion engine that handles Enhanced Metafile Format (EMF). A successful attack can lead to sensitive data exposure. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. Esta vulnerabilidad ocurre debido un cálculo que lee datos más allá del final del búfer objetivo; el cálculo forma parte del motor de conversión de imágenes que gestiona Enhanced Metafile Format (EMF). • http://www.securityfocus.com/bid/102996 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-125: Out-of-bounds Read •
CVE-2018-4885 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4885
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of Enhanced Metafile Format processing engine (within the image conversion module). A successful attack can lead to sensitive data exposure. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. Esta vulnerabilidad ocurre como resultado de un cálculo que lee datos más allá del final del búfer objetivo; el cálculo forma parte del motor de procesamiento de Enhanced Metafile Format (en el módulo de conversión de imágenes). • http://www.securityfocus.com/bid/102996 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html https://www.zerodayinitiative.com/advisories/ZDI-18-182 • CWE-125: Out-of-bounds Read •
CVE-2018-4888 – Adobe Reader DC XFA dashDot Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4888
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability. The vulnerability is triggered by a crafted PDF file that can cause a memory access violation exception in the XFA engine because of a dangling reference left as a consequence of freeing an object in the computation that manipulates internal nodes in a graph representation of a document object model used in XFA. Successful exploitation could lead to arbitrary code execution. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. • http://www.securityfocus.com/bid/102995 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-416: Use After Free •
CVE-2018-4887 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-4887
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the Unicode mapping module that is invoked when processing Enhanced Metafile Format (EMF) data (during image conversion). A successful attack can lead to sensitive data exposure. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. Esta vulnerabilidad ocurre como resultado de un cálculo que lee datos más allá del final del búfer objetivo; el cálculo forma parte del módulo de mapeo Unicode que se invoca cuando se procesan datos Enhanced Metafile Format (durante la conversión de imágenes). • http://www.securityfocus.com/bid/102996 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-125: Out-of-bounds Read •
CVE-2018-4910 – Adobe Acrobat Pro DC OCG setIntent Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-4910
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file with crafted JavaScript code that manipulates the optional content group (OCG). A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack. Se ha descubierto un problema en Adobe Acrobat Reader 2018.009.20050 y anteriores, 2017.011.30070 y anteriores y 2015.006.30394 y anteriores. • http://www.securityfocus.com/bid/102992 http://www.securitytracker.com/id/1040364 https://helpx.adobe.com/security/products/acrobat/apsb18-02.html • CWE-787: Out-of-bounds Write •