|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-09-03 | |
| Rule Name: | WEB-CLIENT PDF With Embedded U3D Vulnerability (CVE-2018-4989) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |
| Impact: | A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system. | |
| Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
| Reference: | SecurityFocusBID:104169 SecurityTrackerID:1040920 AdobeSecurityBulletins:apsb18-09 |
|
| Solutions |
|---|
| The vendor has issued a fix (2015.006.30418, 2017.011.30080, 2018.011.20040), please update vender's patch. The vendor advisory is available at https://helpx.adobe.com/security/products/acrobat/apsb18-09.html |