Home

CVE-2018-4961

Description

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
2.22

Associated Vulnerability

VulnerabilityOS Platform
Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30068)Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30070)Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30078) - APSB18-02Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30079)Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30080 (APSB18-09)Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30096 (APSB18-21)Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30099 (APSB18-29)Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30102 (APSB18-34)Windows
Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30105 (APSB18-30)Windows
Upgrade Adobe flash player 30.0.0.113 to latest versionWindows
Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages 15.006.30418 (APSB18-09)Windows
Adobe Acrobat Reader 2017 MUI (Classic Track) update - All languages 17.011.30080 (APSB18-09)Windows
Multiple vulnerabilities affected in Acrobat DC 18.011.20038Windows
Multiple vulnerabilities affected in Acrobat Reader 17.011.30059Windows
Multiple Vulnerabilities are affected in Adobe Acrobat DC for MAC 15.006.30417Mac
Multiple Vulnerabilities are affected in Adobe Acrobat DC for MAC 17.011.30079Mac
Multiple Vulnerabilities are affected in Adobe Acrobat Reader DC for MAC 18.011.20038Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-306922Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30068)
PATCH-306953Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30070)
PATCH-307125Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30078) - APSB18-02
PATCH-307182Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30079)
PATCH-307527Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30080 (APSB18-09)
PATCH-307785Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30096 (APSB18-21)
PATCH-307931Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30099 (APSB18-29)
PATCH-308102Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30102 (APSB18-34)
PATCH-308169Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30105 (APSB18-30)
PATCH-307525Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages 15.006.30418 (APSB18-09)
PATCH-307528Adobe Acrobat Reader 2017 MUI (Classic Track) update - All languages 17.011.30080 (APSB18-09)
PATCH-307530Adobe Acrobat Reader DC (Continuous Track) update - All languages 18.011.20040 (APSB18-09)
PATCH-315465Adobe Acrobat Reader MUI DC (Classic Track) update - All languages (15.006.30527) (APSB20-48)
PATCH-611991Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only)
PATCH-611991Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only)
PATCH-611989Adobe Acrobat Reader DC for MAC (25.001.20693)(Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234