TTCSIRT-089.021618: TT-CSIRT Advisory – Adobe Security Updates

TTCSIRT-089.021618: TT-CSIRT Advisory – Adobe Security Updates

Adobe has released a security update stating that Multiple vulnerabilities have been discovered in Adobe Acrobat and Reader, the most severe of which could allow for arbitrary code execution.

Details are as follows:

a) One security mitigation bypass vulnerability that could allow for privilege escalation (CVE-2018-4872)

b) Four heap overflow vulnerabilities that could allow for arbitrary code execution (CVE-2018-4890, CVE-2018-4904, CVE-2018-4910, CVE-2018-4917)

c) Five use-after-free vulnerabilities that could allow for arbitrary code execution (CVE-2018-4888, CVE-2018-4892, CVE-2018-4902, CVE-2018-4911, CVE-2018-4913)

d) Seven out-of-bounds write vulnerabilities that could allow for arbitrary code execution (CVE-2018-4879, CVE-2018-4895, CVE-2018-4898, CVE-2018-4901, CVE-2018-4915, CVE-2018-4916, CVE-2018-4918)

e) Twenty-four out-of-bounds read vulnerabilities that could allow for remote code execution (CVE-2018-4880, CVE-2018-4881, CVE-2018-4882, CVE-2018-4883, CVE-2018-4884, CVE-2018-4885, CVE-2018-4886, CVE-2018-4887, CVE-2018-4889, CVE-2018-4891, CVE-2018-4893, CVE-2018-4894, CVE-2018-4896, CVE-2018-4897, CVE-2018-4899, CVE-2018-4900, CVE-2018-4903, CVE-2018-4905, CVE-2018-4906, CVE-2018-4907, CVE-2018-4908, CVE-2018-4909, CVE-2018-4912, CVE-2018-4914)

Successful exploitation of the most severe of these vulnerabilities could result in an attacker executing arbitrary code in the context of the affected application. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.