Connect with us

Cybersecurity

Vulnerability Spotlight: Adobe Acrobat Reader DC Collab ReviewServer Remote Code Execution Vulnerability

Overview

Today, Cisco Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a large user base, is usually a default PDF reader on systems and integrates into web browsers as a plugin for rendering PDFs. As such, tricking a user into visiting a malicious web page or sending a specially crafted email attachment can be enough to trigger this vulnerability. The one method call required to trigger this vulnerability is privileged and can only be called from trusted functions or a trusted location. Additionally, the use-after-free condition is only triggered upon closing the application.

TALOS-2017-0623 – Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability (CVE-2018-12852)

Usage of specific JavaScript code embedded in a PDF file can lead to a use-after-free condition when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20040. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file or access a malicious web page.

Adobe Acrobat Reader DC supports embedded JavaScript code in the PDF to allow for interactive PDF forms This gives the potential attacker the ability to precisely control memory layout and poses additional attack surface. – CT Bureau

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Copyright © 2024 Communications Today

error: Content is protected !!