|
|||
Rule General Information |
---|
Release Date: | 2018-09-03 | |
Rule Name: | WEB-CLIENT PDF With Embedded U3D Vulnerability (CVE-2018-4989) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |
Impact: | A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system. | |
Affected OS: | Network Device, Solaris, FreeBSD, Windows, Mac OS, iOS, Other Unix, Linux, Others, Android | |
Reference: | SecurityFocusBID:104169 SecurityTrackerID:1040920 AdobeSecurityBulletins:apsb18-09 |
|
Solutions |
---|
The vendor has issued a fix (2015.006.30418, 2017.011.30080, 2018.011.20040), please update vender's patch. The vendor advisory is available at https://helpx.adobe.com/security/products/acrobat/apsb18-09.html |