CVE-2018-4883

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs because of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion engine that handles Enhanced Metafile Format (EMF). A successful attack can lead to sensitive data exposure.

Published: Feb 27, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-4883
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
adobe / acrobat	17.0.x	17.011.30070.x
adobe / acrobat_reader	17.0	17.011.30070.x
adobe / acrobat_dc	15.0	15.006.30394.x
adobe / acrobat_reader_dc	15.0	15.006.30394.x
adobe / acrobat_dc	-	18.009.20050.x
adobe / acrobat_reader_dc	-	18.009.20050.x

http://www.securityfocus.com/bid/102996
http://www.securitytracker.com/id/1040364
https://helpx.adobe.com/security/products/acrobat/apsb18-02.html

Vulnerability Database

289,697

CVE-2018-4883