HomePentest-Tools.com Logo

Adobe Acrobat DC Information Disclosure Vulnerability (apsb18-40) - Windows CVE-2018-15979

Severity
CVSSv3 Score
7.5
Vulnerability description

Adobe Acrobat DC is prone to an information disclosure vulnerability.

Risk description

The flaw exists due to an error in handing the feature of Portable Document Files (PDFs).That leaks NT LAN Manager (NTLM) credentials. Successful exploitation will allow remote attackers to an inadvertent leak of the users hashed NTLM password.

Recommendation

Upgrade to Adobe Acrobat DC version 2019.008.20081 or later. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 29, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available