CVE-2018-4879

CRITICAL Year: 2018
CVSS v3 Score
9.8
Critical
CVSS v2 Score
10.0
Critical
Weakness Type
CWE-787
View all →

Vulnerability Description

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that processes Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.

Related Vulnerabilities

CVE-2007-0899

CRITICAL
CVSS:9.8(Critical)

There is a possible heap overflow in libclamav/fsg.c before 0.100.0.

CWE-7872007

CVE-2010-4344

CRITICAL
CVSS:9.8(Critical)

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conju...

CWE-7872010

CVE-2011-1180

CRITICAL
CVSS:9.8(Critical)

Multiple stack-based buffer overflows in the iriap_getvaluebyclass_indication function in net/irda/iriap.c in the Linux kernel before 2.6.39 allow remote attackers to cause a denial of service (memory...

CWE-7872011

CVE-2011-2462

CRITICAL
CVSS:9.8(Critical)

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute ar...

CWE-7872011

CVE-2011-4372

CRITICAL
CVSS:9.8(Critical)

Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors,...

CWE-7872011