CVE-2018-15968

MEDIUM

Adobe Acrobat DC < 15.006.30452, 15.008.20082-18.011.20063 - Out-of-bounds Read

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-15968. PoCs published by sandi-go.

AI-analyzed exploit summary This repository contains a writeup describing CVE-2018-15968, an out-of-bounds read vulnerability in Adobe Reader that could lead to information disclosure. The flaw involves improper validation of user-supplied data in malformed PDF files, potentially allowing remote attackers to read sensitive information or combine with other vulnerabilities for code execution.

Description

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Exploits (1)

nomisec WRITEUP

by sandi-go · poc

https://github.com/sandi-go/cve-2018-15968

View Code ZIP pw:eip

This repository contains a writeup describing CVE-2018-15968, an out-of-bounds read vulnerability in Adobe Reader that could lead to information disclosure. The flaw involves improper validation of user-supplied data in malformed PDF files, potentially allowing remote attackers to read sensitive information or combine with other vulnerabilities for code execution.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Theoretical

Target: Adobe Acrobat/Reader DC 2018.011.20063 and prior, Acrobat/Reader 2017 2017.011.30102 and prior, Acrobat/Reader DC 2015.006.30452 and prior

No auth needed

Prerequisites: User interaction required to open a malicious PDF file or visit a malicious page

MITRE ATT&CK

T1005 - Data from Local System T1059.005 - Visual Basic

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1041809

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/105439

Vendor Advisory x_refsource_confirm

https://helpx.adobe.com/security/products/acrobat/apsb18-30.html

Scores

CVSS v3 5.5

EPSS 0.0502

EPSS Percentile 91.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE

CWE-125

Status published

Products (4)

adobe/acrobat_dc 15.006.30060 - 15.006.30452

adobe/acrobat_dc 15.008.20082 - 18.011.20063

adobe/acrobat_reader_dc 15.006.30060 - 15.006.30452

adobe/acrobat_reader_dc 15.008.20082 - 18.011.20063

Published Oct 12, 2018

Tracked Since Feb 18, 2026