» 2018 » 5월

CVE-2018-4921

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2018-4921

Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead to information disclosure.

Source: CVE-2018-4921

CVE-2018-4919

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2018-4919

Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: CVE-2018-4919

CVE-2017-11308

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2017-11308

Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: CVE-2017-11308

CVE-2018-4873

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2018-4873

Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.

Source: CVE-2018-4873

CVE-2018-4926

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2018-4926

Adobe Digital Editions versions 4.5.7 and below have an exploitable Stack Overflow vulnerability. Successful exploitation could lead to information disclosure.

Source: CVE-2018-4926

CVE-2018-4927

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2018-4927

Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.

Source: CVE-2018-4927

CVE-2018-4928

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2018-4928

Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: CVE-2018-4928

CVE-2018-4917

Posted on 2018년 5월 20일2018년 5월 20일 by admin

CVE-2018-4917

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Source: CVE-2018-4917

CVE-2018-1148

Posted on 2018년 5월 19일2018년 5월 19일 by admin

CVE-2018-1148

In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change.

Source: CVE-2018-1148

CVE-2018-1147

Posted on 2018년 5월 19일2018년 5월 19일 by admin

CVE-2018-1147

In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user’s browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings.

Source: CVE-2018-1147