CVE-2018-15985
First published: Fri Jan 18 2019(Updated: )
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat | >=17.011.30059<=17.011.30106 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30106 | |
| Microsoft Windows | ||
| Adobe Acrobat | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat | >=17.011.30059<=17.011.30105 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader | >=15.008.200082<=19.008.20080 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30105 | |
| Apple iOS and macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-15985?
CVE-2018-15985 has a critical severity rating due to the potential for attackers to exploit the out-of-bounds read vulnerability.
How do I fix CVE-2018-15985?
To fix CVE-2018-15985, update Adobe Acrobat or Reader to the latest version that is not vulnerable.
What versions are affected by CVE-2018-15985?
CVE-2018-15985 affects various versions of Adobe Acrobat and Reader, including versions prior to 2019.008.20081, 2017.011.30106, and 2015.006.30457.
What type of vulnerability is CVE-2018-15985?
CVE-2018-15985 is classified as an out-of-bounds read vulnerability that could lead to information disclosure.
Can the CVE-2018-15985 vulnerability be exploited remotely?
Yes, CVE-2018-15985 can be exploited remotely, allowing attackers to execute arbitrary code on affected systems.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/remedy
- agent/author
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat
- version/adobe acrobat/15.006.30060
- version/adobe acrobat/15.006.30457
- version/adobe acrobat/15.008.20082
- version/adobe acrobat/19.008.20081
- version/adobe acrobat/17.011.30059
- version/adobe acrobat/17.011.30106
- canonical/adobe acrobat reader
- version/adobe acrobat reader/15.006.30060
- version/adobe acrobat reader/15.006.30457
- version/adobe acrobat reader/15.008.20082
- version/adobe acrobat reader/19.008.20081
- version/adobe acrobat reader/17.011.30059
- version/adobe acrobat reader/17.011.30106
- vendor/microsoft
- canonical/microsoft windows
- version/adobe acrobat/15.006.30456
- version/adobe acrobat/19.008.20080
- version/adobe acrobat/17.011.30105
- version/adobe acrobat reader/15.006.30456
- version/adobe acrobat reader/15.008.200082
- version/adobe acrobat reader/19.008.20080
- version/adobe acrobat reader/17.011.30105
- vendor/apple
- canonical/apple ios and macos