{"api_version":"1","generated_at":"2026-05-06T07:23:55+00:00","cve":"CVE-2018-5012","urls":{"html":"https://cve.report/CVE-2018-5012","api":"https://cve.report/api/cve/CVE-2018-5012.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-5012","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-5012"},"summary":{"title":"CVE-2018-5012","description":"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.","state":"PUBLIC","assigner":"psirt@adobe.com","published_at":"2018-07-20 19:29:00","updated_at":"2019-08-21 16:20:00"},"problem_types":["CWE-476"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/104701","name":"104701","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Adobe Acrobat and Reader APSB18-21 Multiple Arbitrary Code Execution Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securitytracker.com/id/1041250","name":"1041250","refsource":"SECTRACK","tags":["Third Party Advisory","VDB Entry"],"title":"Adobe Acrobat/Reader Multiple Bugs Let Remote Users Bypass Security, Obtain Potentially Sensitive Information, and Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://helpx.adobe.com/security/products/acrobat/apsb18-21.html","name":"https://helpx.adobe.com/security/products/acrobat/apsb18-21.html","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Adobe Security Bulletin","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-5012","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-5012","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"5012","vulnerable":"1","versionEndIncluding":"15.006.30418","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"adobe","cpe5":"acrobat_dc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"classic","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"1","versionEndIncluding":"17.011.30080","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"adobe","cpe5":"acrobat_dc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"classic","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"1","versionEndIncluding":"18.011.20040","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"adobe","cpe5":"acrobat_dc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"continuous","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"1","versionEndIncluding":"15.006.30418","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"adobe","cpe5":"acrobat_reader_dc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"classic","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"1","versionEndIncluding":"17.011.30080","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"adobe","cpe5":"acrobat_reader_dc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"classic","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"1","versionEndIncluding":"18.011.20040","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"adobe","cpe5":"acrobat_reader_dc","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"continuous","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5012","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@adobe.com","ID":"CVE-2018-5012","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions","version":{"version_data":[{"version_value":"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Untrusted pointer dereference"}]}]},"references":{"reference_data":[{"name":"https://helpx.adobe.com/security/products/acrobat/apsb18-21.html","refsource":"CONFIRM","url":"https://helpx.adobe.com/security/products/acrobat/apsb18-21.html"},{"name":"1041250","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1041250"},{"name":"104701","refsource":"BID","url":"http://www.securityfocus.com/bid/104701"}]}},"nvd":{"publishedDate":"2018-07-20 19:29:00","lastModifiedDate":"2019-08-21 16:20:00","problem_types":["CWE-476"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*","versionStartIncluding":"15.006.30060","versionEndIncluding":"15.006.30418","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*","versionStartIncluding":"15.008.20082","versionEndIncluding":"18.011.20040","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*","versionStartIncluding":"17.011.30059","versionEndIncluding":"17.011.30080","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*","versionStartIncluding":"15.006.30060","versionEndIncluding":"15.006.30418","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*","versionStartIncluding":"15.008.20082","versionEndIncluding":"18.011.20040","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*","versionStartIncluding":"17.011.30059","versionEndIncluding":"17.011.30080","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"5012","Ordinal":"120934","Title":"CVE-2018-5012","CVE":"CVE-2018-5012","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"5012","Ordinal":"1","NoteData":"Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"5012","Ordinal":"2","NoteData":"2018-07-20","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"5012","Ordinal":"3","NoteData":"2018-07-21","Type":"Other","Title":"Modified"}]}}}