9.3

CVE-2018-15930

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution.

Data is provided by the National Vulnerability Database (NVD)
AdobeAcrobat Dc SwEditionclassic Version >= 15.006.30060 <= 15.006.30452
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Dc SwEditioncontinuous Version >= 15.008.20082 <= 18.011.20063
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Dc SwEditionclassic Version >= 17.011.30059 <= 17.011.30102
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditionclassic Version >= 15.006.30060 <= 15.006.30452
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditioncontinuous Version >= 15.008.20082 <= 18.011.20063
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditionclassic Version >= 17.011.30059 <= 17.011.30102
   ApplemacOS X Version-
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 50.8% 0.978
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

http://www.securitytracker.com/id/1041809
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/105442
Third Party Advisory
VDB Entry