RETIRED: Adobe Acrobat and Reader CVE-2018-19725 Security Bypass Vulnerability
BID:106438
Info
RETIRED: Adobe Acrobat and Reader CVE-2018-19725 Security Bypass Vulnerability
| Bugtraq ID: | 106438 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 03 2019 12:00AM |
| Updated: | Jan 04 2019 03:00PM |
| Credit: | Abdul Aziz Hariri via Trend Micro's Zero Day Initiative. |
| Vulnerable: |
Adobe Acrobat Reader DC 2019.10.20064 Adobe Acrobat Reader DC 2019.8.20081 Adobe Acrobat Reader DC 2019.8.20080 Adobe Acrobat Reader DC 2019.8.20071 Adobe Acrobat Reader DC 2017.11.30110 Adobe Acrobat Reader DC 2015.8.20082 Adobe Acrobat Reader DC 2015.6.30461 Adobe Acrobat Reader DC 2015.6.30457 Adobe Acrobat Reader DC 2015.6.30452 Adobe Acrobat Reader DC 2015.6.30448 Adobe Acrobat Reader DC 2015.6.30434 Adobe Acrobat Reader DC 2015.6.30418 Adobe Acrobat Reader DC 2015.6.30417 Adobe Acrobat Reader DC 2015.6.30416 Adobe Acrobat Reader DC 2015.6.30413 Adobe Acrobat Reader DC 2015.6.30394 Adobe Acrobat Reader DC 2015.6.30392 Adobe Acrobat Reader DC 2015.6.30355 Adobe Acrobat Reader DC 2015.6.30352 Adobe Acrobat Reader DC 2015.6.30306 Adobe Acrobat Reader DC 2015.6.30060 Adobe Acrobat Reader DC 2015.009.20069 Adobe Acrobat Reader DC 2015.007.20033 Adobe Acrobat Reader DC 2015.006.30456 Adobe Acrobat Reader DC 2015.006.30094 Adobe Acrobat Reader DC 2015.006.30033 Adobe Acrobat Reader 2017.11.30110 Adobe Acrobat Reader 2017.11.30106 Adobe Acrobat Reader 2017.11.30105 Adobe Acrobat Reader 2017.11.30096 Adobe Acrobat Reader 2017.11.30080 Adobe Acrobat Reader 2017.11.30079 Adobe Acrobat Reader 2017.11.30078 Adobe Acrobat Reader 2017.11.30070 Adobe Acrobat Reader 2017.11.30068 Adobe Acrobat Reader 2017.11.30066 Adobe Acrobat Reader 2017.11.30059 Adobe Acrobat Reader 2017.8.30051 Adobe Acrobat DC 2019.10.20064 Adobe Acrobat DC 2019.8.20081 Adobe Acrobat DC 2019.8.20080 Adobe Acrobat DC 2019.8.20071 Adobe Acrobat DC 2015.6.30461 Adobe Acrobat DC 2015.6.30457 Adobe Acrobat DC 2015.6.30456 Adobe Acrobat DC 2015.6.30452 Adobe Acrobat DC 2015.6.30448 Adobe Acrobat DC 2015.6.30434 Adobe Acrobat DC 2015.6.30418 Adobe Acrobat DC 2015.6.30417 Adobe Acrobat DC 2015.6.30416 Adobe Acrobat DC 2015.6.30413 Adobe Acrobat DC 2015.6.30394 Adobe Acrobat DC 2015.6.30392 Adobe Acrobat DC 2015.6.30355 Adobe Acrobat DC 2015.6.30352 Adobe Acrobat DC 2015.6.30306 Adobe Acrobat DC 2015.006.30094 Adobe Acrobat DC 2015.006.30060 Adobe Acrobat DC 2015.006.30033 Adobe Acrobat 2017.11.30110 Adobe Acrobat 2017.11.30106 Adobe Acrobat 2017.11.30105 Adobe Acrobat 2017.11.30102 Adobe Acrobat 2017.11.30099 Adobe Acrobat 2017.11.30096 Adobe Acrobat 2017.11.30080 Adobe Acrobat 2017.11.30079 Adobe Acrobat 2017.11.30078 Adobe Acrobat 2017.11.30070 Adobe Acrobat 2017.11.30068 Adobe Acrobat 2017.11.30066 Adobe Acrobat 2017.11.30059 Adobe Acrobat 2017.8.30051 |
| Not Vulnerable: |
Adobe Acrobat Reader DC 2019.10.20069 Adobe Acrobat Reader DC 2017.11.30113 Adobe Acrobat Reader DC 2015.6.30464 Adobe Acrobat DC 2019.10.20069 Adobe Acrobat DC 2015.6.30464 Adobe Acrobat 2017.11.30113 |
Discussion
RETIRED: Adobe Acrobat and Reader CVE-2018-19725 Security Bypass Vulnerability
Adobe Acrobat and Reader are prone to an unspecified security-bypass vulnerability.
Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions; this may result in gaining elevated privileges.
NOTE: This BID is being retired becasue the CVE-2018-19725 has been replaced with CVE-2018-16018. The vulnerability discussed here has been moved to BID 106449 (Adobe Acrobat and Reader CVE-2018-16018 Security Bypass Vulnerability) to better document it.
Adobe Acrobat and Reader are prone to an unspecified security-bypass vulnerability.
Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions; this may result in gaining elevated privileges.
NOTE: This BID is being retired becasue the CVE-2018-19725 has been replaced with CVE-2018-16018. The vulnerability discussed here has been moved to BID 106449 (Adobe Acrobat and Reader CVE-2018-16018 Security Bypass Vulnerability) to better document it.
Exploit / POC
RETIRED: Adobe Acrobat and Reader CVE-2018-19725 Security Bypass Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
RETIRED: Adobe Acrobat and Reader CVE-2018-19725 Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
RETIRED: Adobe Acrobat and Reader CVE-2018-19725 Security Bypass Vulnerability
References:
References: