An attacker could leverage social engineering to trick a user into opening a malicious file, or could deliver it remotely via a maliciously crafted email. In the email scenario, it may be possible to exploit the issue by convincing the user to open the malicious attachment.

What kinds of files might an attacker use to exploit this issue? Files handled by applications that receive a large amount of email traffic, such as work email or shared-hosting email applications, or any widely exchanged file type such as JPEG, MP3, PDF, or Word files.

The update addresses the vulnerability by correcting the code that parses the malicious file.

Adobe recommends that users update their software to the latest version. Additionally, administrators should be aware that this vulnerability is easily exploitable by remote attackers, so they should monitor remote access activity for attempts to open malicious files.

Indicators of compromise (IoC)

If you believe that one of your systems or applications has been affected by this issue, we recommend that you review the following information.

IoC Discovery

Vulnerability - CVE-2018-5407

This issue was discovered by Dawid Golunski of the Google Security Team. For more information about the researchers who reported recently discovered security issues, visit the Vulnerability Details page.

References

- https://helpx.adobe.com/security/products/flashplayer/apsb18-02.html

- https://www.idg.com/getdoc.aspx?doc=40977567

CVE-2018-5407: Scripting language vulnerability

CVE-2018-5407 is a scripting language security vulnerability that affects Adobe Acrobat Reader and Acrobat. It may allow an attacker to use the scripting language in Acrobat Reader or Acrobat to access local files on the system through malicious scripts.
Adobe has addressed this vulnerability by correcting the code that parses the malicious file.

Software versions and architecture

Adobe Acrobat DC: 11.8.200, 12.2.7, 14.0.0
Microsoft Word 2016: 15.1230
Microsoft Office 2016: 16.0
Note: Adobe Acrobat Reader DC and Microsoft Word are not affected by this issue.


Software Versions and Audiences

The latest version of Adobe Acrobat Reader is 14.1.0 and it was released on December 12, 2018.

Timeline

Published on: 10/14/2022 20:15:00 UTC
Last modified on: 10/14/2022 20:31:00 UTC