CVE-2018-12798

CRITICAL

Adobe Acrobat and Reader <2018.011.20040 - RCE


Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-12798. PoCs published by sandi-go.

AI-analyzed exploit summary: This repository contains a detailed writeup for CVE-2018-12798, a heap overflow vulnerability in Adobe Acrobat Reader that allows remote code execution. The vulnerability stems from improper validation of Unicode string lengths during processing.

Description

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Exploits (1)

nomisec WRITEUP
by sandi-go · poc
https://github.com/sandi-go/cve-2018-12798

Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: Adobe Acrobat Pro DC, Acrobat Reader DC, Acrobat 2017, Acrobat Reader 2017, Acrobat DC 2015, Acrobat Reader DC 2015
No auth needed
Prerequisites: Target must visit a malicious page or open a malicious file
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041250

Scores

CVSS v3 9.8
EPSS 0.1347
EPSS Percentile 95.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-787
Status published
Products (4)
adobe/acrobat_dc 15.006.30060 - 15.006.30418
adobe/acrobat_dc 15.008.20082 - 18.011.20040
adobe/acrobat_reader_dc 15.006.30060 - 15.006.30418
adobe/acrobat_reader_dc 15.008.20082 - 18.011.20040
Published Jul 20, 2018
Tracked Since Feb 18, 2026