Adobe Digital Editions CVE-2018-12817 Out-of-bounds Read Information Disclosure Vulnerability

Bugtraq ID:	106472
Class:	Design Error
CVE:	CVE-2018-12817
Remote:	Yes
Local:	No
Published:	Jan 08 2019 12:00AM
Updated:	Jan 08 2019 12:00AM
Credit:	Jaanus Kääp of Clarified Security.
Vulnerable:	Adobe Digital Editions 4.5.9 Adobe Digital Editions 4.5.6 Adobe Digital Editions 4.5.5 Adobe Digital Editions 4.5.4 Adobe Digital Editions 4.5.3 Adobe Digital Editions 4.5.2 Adobe Digital Editions 4.5.1 Adobe Digital Editions 4.5 Adobe Digital Editions 4.0.3 Adobe Digital Editions 4.0.2 Adobe Digital Editions 4.0.1 Adobe Digital Editions 4.5.8 Adobe Digital Editions 4.5.7 Adobe Digital Editions 4.0 Adobe Digital Editions 3.0
Not Vulnerable:	Adobe Digital Editions 4.5.10

Adobe Digital Editions CVE-2018-12817 Out-of-bounds Read Information Disclosure Vulnerability

Adobe Digital Editions is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to gain access to sensitive information. Information obtained may aid in other attacks.

Adobe Digital Editions 4.5.9 and prior versions are affected.

Adobe Digital Editions CVE-2018-12817 Out-of-bounds Read Information Disclosure Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Adobe Digital Editions CVE-2018-12817 Out-of-bounds Read Information Disclosure Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Adobe Digital Editions CVE-2018-12817 Out-of-bounds Read Information Disclosure Vulnerability

References:

• Adobe Homepage (Adobe)
  
• Security Updates Available for Adobe Digital Editions | APSB19-04 (Adobe)