Vulnerability Details : CVE-2018-12831
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
Vulnerability category: Memory Corruption
Exploit prediction scoring system (EPSS) score for CVE-2018-12831
Probability of exploitation activity in the next 30 days: 0.54%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 77 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2018-12831
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-12831
-
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-12831
-
http://www.securityfocus.com/bid/105441
Adobe Acrobat and Reader APSB18-30 Multiple Arbitrary Code Execution VulnerabilitiesThird Party Advisory;VDB Entry
-
http://www.securitytracker.com/id/1041809
Adobe Acrobat/Reader Multiple Flaws Let Remote Users Bypass Security, Obtain Potentially Sensitive Information, and Execute Arbitrary Code - SecurityTrackerThird Party Advisory;VDB Entry
-
https://helpx.adobe.com/security/products/acrobat/apsb18-30.html
Adobe Security BulletinVendor Advisory
Products affected by CVE-2018-12831
- Adobe » Acrobat Dc » Classic EditionVersions from including (>=) 17.011.30059 and up to, including, (<=) 17.011.30102cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
- Adobe » Acrobat Dc » Classic EditionVersions from including (>=) 15.006.30060 and up to, including, (<=) 15.006.30452cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
- Adobe » Acrobat Dc » Continuous EditionVersions from including (>=) 15.008.20082 and up to, including, (<=) 18.011.20063cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
- Adobe » Acrobat Reader Dc » Classic EditionVersions from including (>=) 15.006.30060 and up to, including, (<=) 15.006.30452cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
- Adobe » Acrobat Reader Dc » Continuous EditionVersions from including (>=) 15.008.20082 and up to, including, (<=) 18.011.20063cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
- Adobe » Acrobat Reader Dc » Classic EditionVersions from including (>=) 17.011.30059 and up to, including, (<=) 17.011.30102cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*