Vulnerability Description
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat Dc | >= 15.006.30060, <= 15.006.30417 |
| Adobe | Acrobat Reader Dc | >= 15.006.30060, <= 15.006.30417 |
| Apple | Mac Os X | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104177Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040920Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/acrobat/apsb18-09.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/104177Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040920Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/acrobat/apsb18-09.htmlPatchVendor Advisory
FAQ
What is CVE-2018-4993?
CVE-2018-4993 is a vulnerability with a CVSS score of 7.5 (HIGH). Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. Successful exploitation could lead t...
How severe is CVE-2018-4993?
CVE-2018-4993 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-4993?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat Dc, Adobe Acrobat Reader Dc, Apple Mac Os X, Microsoft Windows.