Unit 42 Vulnerability Research May 2018 Disclosures – Adobe

Christopher Budd


Category: Unit 42

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered a vulnerability addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their May 2018 security update release.

CVE Vulnerability Name Affected Products Maximum Severity Rating Impact Researcher(s)
CVE-2018-4959 Use-after-free Adobe Acrobat and Reader Critical Arbitrary Code Execution Gal De Leon
CVE-2018-4961 Use-after-free Adobe Acrobat and Reader Critical Arbitrary Code Execution Gal De Leon
CVE-2018-4958 Use-after-free Adobe Acrobat and Reader Critical Arbitrary Code Execution Hui Gao
CVE-2018-4983 Use-after-free Adobe Acrobat and Reader Critical Arbitrary Code Execution Hui Gao

 

Palo Alto Networks customers who deploy our Security Operating Platform are protected against exploitation of these vulnerabilities through multi-layered preventions. Our Threat Prevention service provides application control and intrusion prevention on the network, while WildFire provides customers with comprehensive protection and automatic updates against previously unknown threats. Traps advanced endpoint protection stops exploits on the endpoint and coordinates enforcement with cloud and network security.

Palo Alto Networks is a regular contributor to vulnerability research in Microsoft, Adobe, Apple, Google Android and other ecosystems. By proactively identifying these vulnerabilities, developing protections for our customers, and sharing the information with the security community, we are removing weapons used by attackers to threaten users, and compromise enterprise, government, and service provider networks.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.