HomePentest-Tools.com Logo

Adobe Reader DC 2015 Information Disclosure Vulnerability (apsb18-40) - Windows CVE-2018-15979

Severity
CVSSv3 Score
7.5
Vulnerability description

Adobe Reader DC 2015 is prone to an information disclosure vulnerability.

Risk description

The flaw exists due to an error in handing the feature of Portable Document Files (PDFs).That leaks NT LAN Manager (NTLM) credentials. Successful exploitation will allow remote attackers to inadvertent leak of the users hashed NTLM password.

Recommendation

Upgrade to Adobe Reader DC 2015 version 2015.006.30457 or later. Please see the references for more information.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Nov 29, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available