CVE-2018-5012
Description
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
15.691
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30068) | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30070) | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30078) - APSB18-02 | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30079) | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30080 (APSB18-09) | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30096 (APSB18-21) | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30099 (APSB18-29) | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30102 (APSB18-34) | Windows |
| Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30105 (APSB18-30) | Windows |
| Upgrade Foxit Reader Enterprise 9.0.1.1049 to latest version | Windows |
| Upgrade foxit_reader 9.0.1.1049 to latest version | Windows |
| Adobe Acrobat Reader 2017 MUI (Classic Track) update - All languages 17.011.30096 (APSB18-21) | Windows |
| Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages 15.006.30434 (APSB18-21) | Windows |
| Multiple vulnerabilities affected in Acrobat DC 18.011.20040 | Windows |
| Multiple vulnerabilities affected in Acrobat Reader 17.011.30059 | Windows |
| Multiple Vulnerabilities are affected in Adobe Acrobat DC for MAC 15.006.30418 | Mac |
| Multiple Vulnerabilities are affected in Adobe Acrobat DC for MAC 17.011.30080 | Mac |
| Multiple Vulnerabilities are affected in Adobe Acrobat Reader DC for MAC 18.011.20040 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-306922 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30068) |
| PATCH-306953 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30070) |
| PATCH-307125 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30078) - APSB18-02 |
| PATCH-307182 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages (17.011.30079) |
| PATCH-307527 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30080 (APSB18-09) |
| PATCH-307785 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30096 (APSB18-21) |
| PATCH-307931 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30099 (APSB18-29) |
| PATCH-308102 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30102 (APSB18-34) |
| PATCH-308169 | Adobe Acrobat 2017 MUI (Classic Track) update - All languages 17.011.30105 (APSB18-30) |
| PATCH-341798 | Foxit PDF Reader (MSI) (2024.3.0.26795) (Formerly Foxit Reader Enterprise) |
| PATCH-341796 | Foxit Reader (2024.3.0.26795) |
| PATCH-307786 | Adobe Acrobat Reader 2017 MUI (Classic Track) update - All languages 17.011.30096 (APSB18-21) |
| PATCH-307787 | Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages 15.006.30434 (APSB18-21) |
| PATCH-343119 | Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (24.004.20272) |
| PATCH-315465 | Adobe Acrobat Reader MUI DC (Classic Track) update - All languages (15.006.30527) (APSB20-48) |
| PATCH-611991 | Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only) |
| PATCH-611991 | Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only) |
| PATCH-611989 | Adobe Acrobat Reader DC for MAC (25.001.20693)(Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234