CVE-2018-19706
First published: Fri Jan 18 2019(Updated: )
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat | >=17.011.30056<=17.011.30106 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30106 | |
| Microsoft Windows | ||
| Adobe Acrobat | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat | >=17.011.30056<=17.011.30105 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30105 | |
| Apple iOS and macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-19706?
CVE-2018-19706 has a severity rating of important as it involves an out-of-bounds read vulnerability that can lead to information disclosure.
How do I fix CVE-2018-19706?
To fix CVE-2018-19706, upgrade Adobe Acrobat and Reader to version 2019.008.20082 or later.
What versions of Adobe Acrobat and Reader are affected by CVE-2018-19706?
CVE-2018-19706 affects multiple versions including Adobe Acrobat DC and Adobe Acrobat Reader DC prior to 2019.008.20082.
Can CVE-2018-19706 be exploited remotely?
Yes, CVE-2018-19706 can potentially be exploited through specially crafted PDF files that may lead to information leakage.
Is it essential to update my software for CVE-2018-19706?
Yes, it is crucial to update to avoid risks associated with CVE-2018-19706 and enhance overall security.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat
- version/adobe acrobat/15.006.30060
- version/adobe acrobat/15.006.30457
- version/adobe acrobat/15.008.20082
- version/adobe acrobat/19.008.20081
- version/adobe acrobat/17.011.30056
- version/adobe acrobat/17.011.30106
- canonical/adobe acrobat reader
- version/adobe acrobat reader/15.006.30060
- version/adobe acrobat reader/15.006.30457
- version/adobe acrobat reader/15.008.20082
- version/adobe acrobat reader/19.008.20081
- version/adobe acrobat reader/17.011.30059
- version/adobe acrobat reader/17.011.30106
- vendor/microsoft
- canonical/microsoft windows
- version/adobe acrobat/15.006.30456
- version/adobe acrobat/19.008.20080
- version/adobe acrobat/17.011.30105
- version/adobe acrobat reader/15.006.30456
- version/adobe acrobat reader/19.008.20080
- version/adobe acrobat reader/17.011.30105
- vendor/apple
- canonical/apple ios and macos