CVE-2018-4879

CRITICAL

Adobe Acrobat and Reader < 17.011.30070, < 18.009.20050, < 15.006.30394 - Out-of-bounds Write in EMF+ Image Conversion

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4879. PoCs published by H3llozy.

AI-analyzed exploit summary This is a Python-based exploit for CVE-2018-4879, which targets Adobe Flash Player. The exploit uses a shellcode payload embedded in a crafted SWF file to achieve remote code execution.

Description

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that processes Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.

Exploits (1)

nomisec WORKING POC

by H3llozy · poc

https://github.com/H3llozy/CVE-2018-4879

View Code ZIP pw:eip

This is a Python-based exploit for CVE-2018-4879, which targets Adobe Flash Player. The exploit uses a shellcode payload embedded in a crafted SWF file to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Adobe Flash Player (versions prior to 28.0.0.161)

No auth needed

Prerequisites: Victim must visit a malicious webpage hosting the exploit · Adobe Flash Player must be installed and vulnerable

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Vendor Advisory x_refsource_confirm

https://helpx.adobe.com/security/products/acrobat/apsb18-02.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1040364

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/102994

Scores

CVSS v3 9.8

EPSS 0.2964

EPSS Percentile 98.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-787

Status published

Products (6)

adobe/acrobat 17.0 - 17.011.30070

adobe/acrobat_dc - - 18.009.20050

adobe/acrobat_dc 15.0 - 15.006.30394

adobe/acrobat_reader 17.0 - 17.011.30070

adobe/acrobat_reader_dc - - 18.009.20050

adobe/acrobat_reader_dc 15.0 - 15.006.30394

Published Feb 27, 2018

Tracked Since Feb 18, 2026