CVE-2018-12774

Published Jul 20, 2018

Last updated 5 years ago

CVSS medium 6.5

Overview

Description: Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Source: psirt@adobe.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-125

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "186CA30F-86D2-4BD7-AB87-7519563E7248",
            "versionEndIncluding": "15.006.30418",
            "versionStartIncluding": "15.006.30060"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF9F50AC-151B-4D6B-9C18-307713086FE3",
            "versionEndIncluding": "18.011.20040",
            "versionStartIncluding": "15.008.20082"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "126C3DFF-4CAF-4ED7-B6CF-273C410F44D4",
            "versionEndIncluding": "17.011.30080",
            "versionStartIncluding": "17.011.30059"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2FC4868-8C8D-44C3-AB68-FCB44D9C8336",
            "versionEndIncluding": "15.006.30418",
            "versionStartIncluding": "15.006.30060"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDA9ABEC-AAAC-470E-8CD7-E4BF13C5B761",
            "versionEndIncluding": "18.011.20040",
            "versionStartIncluding": "15.008.20082"
          },
          {
            "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EC537B9-A977-4FD5-9B3C-CBCF194CB9E2",
            "versionEndIncluding": "17.011.30080",
            "versionStartIncluding": "17.011.30059"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References