[SingCERT] Alert on Critical Out-Of-Band Adobe Acrobat Vulnerability CVE-2018-12848
24 September 2018
Adobe has released security updates for its Acrobat Reader and Document Cloud (DC) products to address several vulnerabilities.
The most critical vulnerability, CVE-2018-12848, is an out-of-bounds write vulnerability with a severity rating of “critical” and could lead to arbitrary code execution.
The other vulnerabilities (CVE-2018-12801, CVE-2018-12840, CVE-2018-12849, CVE-2018-12850, CVE-2018-12775, CVE-2018-12778), are out-of-bounds read vulnerabilities with severity ratings of “important”.