Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
#1
Quote:Adobe on Tuesday released three patches – including a fix for a flaw in Adobe Acrobat and Reader that exposes hashed passwords that already has a proof-of-concept (PoC) exploit code publicly available.

The information disclosure vulnerability, CVE-2018-15979, exists in Adobe Acrobat and Reader for Windows and was reported by the EdgeSpot team.

“Successful exploitation could lead to an inadvertent leak of the user’s hashed NTLM password,” said Adobe, in its release. NTLM is the authentication protocol used on networks that include systems running the Windows operating system and on standalone systems.

While no further information about the PoC was revealed, Adobe said the attack allows bad actors to redirect a user to a malicious resource outside their organization to obtain the NTLM authentication messages.

Source: https://threatpost.com/adobe-fixes-acrob...oc/139050/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes
26.7.5 Fixed gene...Kool — 12:11
Internet Download Manager 6.32 Build 9
Internet Download ...Kool — 13:05
Chrome for Android Adds Back Button in V...
Google has added a...harlan4096 — 12:35
Microsoft Edge 150.0.4078.65
Version 150.0.4078...harlan4096 — 12:34
Waterfox 6.6.16.1
Waterfox 6.6.16.1 ...harlan4096 — 12:03

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (39)boineDon
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (40)ywixazok
avatar (38)ixoqe
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>