An attacker could leverage this out-of-bounds write vulnerability to execute code in the context of the current user. Adobe recommends administrators review the application controls to verify they are in place. In addition, end users should be advised to exercise caution when clicking on links or installing applications when in public places. In addition, users should avoid clicking on suspicious looking emails or visiting unverified websites when using public Wi-Red or unencrypted connections. CVE-ID CVE-2018-4878 An integer out-of-bounds write vulnerability was identified that is tracked as CVE-ID CVE-2018-4878. Exploitation of this issue requires user interaction. In addition,elia
Adobe is aware of reports that this issue may occur if users receive a malicious link in an email. CVE-ID CVE-2018-4879 A use-after-free vulnerability was identified that is tracked as CVE-ID CVE-2018-4879. Exploitation of this issue requires user interaction. In addition,elia
An information disclosure vulnerability was identified that is tracked as CVE-ID CVE-2018-4880. In order to exploit this issue, an attacker would first have to convince a user to open a malicious file.
Adobe is aware of reports that this issue may occur in
Acrobat Reader DC, Acrobat XI Pro (Windows and macOS), Acrobat DC Continuous and Acrobat DC Classic.
CVE-ID CVE-2018-4881 A use-after-free vulnerability was identified that is tracked as CVE-ID CVE-2018-4881. Exploitation of this issue requires user interaction. In addition,elia
An integer overflow vulnerability was identified that is tracked as CVE-ID CVE-2018-4882. Exploitation of this issue requires user interaction. In addition,elia
Adobe is aware of reports that this issue may occur if users receive a malicious link in an email.
Adobe recommends administrators review the application controls to verify they are in place.
In addition, end users should be advised to exercise caution when clicking on links or installing applications when in public places. In addition, users should avoid clicking on suspicious looking emails or visiting unverified websites when using public Wi-Red or unencrypted connections.
Adobe is aware of reported issues and actively working on them
Adobe is aware of reports that this issue may occur if users receive a malicious link in an email. We recommend administrators review the application controls to verify they are in place. In addition, end users should be advised to exercise caution when clicking on links or installing applications when in public places. In addition, users should avoid clicking on suspicious looking emails or visiting unverified websites when using public Wi-Red or unencrypted connections. Adobe is actively working on these issues and will provide an update as soon as possible.
Timeline
Published on: 06/15/2022 20:15:00 UTC
Last modified on: 06/25/2022 01:49:00 UTC