Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
#1
Quote:Adobe on Tuesday released three patches – including a fix for a flaw in Adobe Acrobat and Reader that exposes hashed passwords that already has a proof-of-concept (PoC) exploit code publicly available.

The information disclosure vulnerability, CVE-2018-15979, exists in Adobe Acrobat and Reader for Windows and was reported by the EdgeSpot team.

“Successful exploitation could lead to an inadvertent leak of the user’s hashed NTLM password,” said Adobe, in its release. NTLM is the authentication protocol used on networks that include systems running the Windows operating system and on standalone systems.

While no further information about the PoC was revealed, Adobe said the attack allows bad actors to redirect a user to a malicious resource outside their organization to obtain the NTLM authentication messages.

Source: https://threatpost.com/adobe-fixes-acrob...oc/139050/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
The slowest Meteor Lake spotted: Intel C...
Intel Core Ultra 5...harlan4096 — 12:47
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>