Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Adobe
  • Acrobat Dc
  • Acrobat Reader Dc
  • Reader
Apple
  • Mac Os X
Iskysoft
  • Pdf Editor 6
  • Pdfelement6
Linux
  • Linux Kernel
Microsoft
  • Windows

Configuration 1 [-]

AND
OR cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:reader:11.0.10:*:*:*:*:*:*:*
cpe:2.3:a:adobe:reader:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:iskysoft:pdf_editor_6:6.4.2.3521:*:*:*:professional:*:*:*
cpe:2.3:a:iskysoft:pdfelement6:6.8.0.3523:*:*:*:professional:*:*:*
cpe:2.3:a:iskysoft:pdfelement6:6.8.4.3921:*:*:*:professional:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:reader:11.0.10:*:*:*:*:*:*:*
cpe:2.3:a:adobe:reader:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:iskysoft:pdf_editor_6:6.6.2.3315:*:*:*:professional:*:*:*
cpe:2.3:a:iskysoft:pdf_editor_6:6.7.6.3399:*:*:*:professional:*:*:*
cpe:2.3:a:iskysoft:pdfelement6:6.7.1.3355:*:*:*:professional:*:*:*
cpe:2.3:a:iskysoft:pdfelement6:6.7.6.3399:*:*:*:professional:*:*:*
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

No data.

References
Link Providers
http://www.securityfocus.com/bid/106159 cve-icon cve-icon
https://helpx.adobe.com/security/products/acrobat/apsb18-41.html cve-icon cve-icon
https://pdf-insecurity.org/signature/evaluation_2018.html cve-icon cve-icon
https://pdf-insecurity.org/signature/signature.html cve-icon cve-icon
https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/ cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2019-01-18T17:00:00

Updated: 2024-08-05T10:10:05.952Z

Reserved: 2018-08-28T00:00:00

Link: CVE-2018-16042

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2019-01-18T17:29:31.230

Modified: 2021-01-14T20:30:19.243

Link: CVE-2018-16042

cve-icon Redhat

No data.