Geeks for your information News Software & Services News v
Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
14 November 18, 14:06
Quote:Adobe on Tuesday released three patches – including a fix for a flaw in Adobe Acrobat and Reader that exposes hashed passwords that already has a proof-of-concept (PoC) exploit code publicly available.

The information disclosure vulnerability, CVE-2018-15979, exists in Adobe Acrobat and Reader for Windows and was reported by the EdgeSpot team.

“Successful exploitation could lead to an inadvertent leak of the user’s hashed NTLM password,” said Adobe, in its release. NTLM is the authentication protocol used on networks that include systems running the Windows operating system and on standalone systems.

While no further information about the PoC was revealed, Adobe said the attack allows bad actors to redirect a user to a malicious resource outside their organization to obtain the NTLM authentication messages.

Source: https://threatpost.com/adobe-fixes-acrob...oc/139050/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
26.4.3  When pres...Kool — 05:38
K-Lite Codec Pack 19.6.0 / 19.6.5 Update
Changes in 19.6.5 ...harlan4096 — 07:54
Hardware Monitor 1.63
Hardware Monitor 1...harlan4096 — 07:53
Adobe Acrobat Reader DC 26.001.21367
Adobe Acrobat Read...harlan4096 — 07:50
QOwnNotes
26.4.2  Improved ...Kool — 06:42

[-]
Birthdays
Today's Birthdays
avatar (43)Sanfordbup
avatar (38)Der.Reisende
Upcoming Birthdays
avatar (45)wapedDow
avatar (49)oapedDow
avatar (42)Sanchowogy
avatar (46)MeighGoask
avatar (47)creatralGuelm
avatar (38)procnipsut
avatar (44)accenwibly
avatar (41)ahyvily
avatar (38)urumahiz
avatar (44)techlignub
avatar (43)Stevenmam
avatar (50)onlinbah
avatar (50)fuspeukChark
avatar (44)werriewWaiNg
avatar (38)Freemanleo
avatar (43)cdoubapKit
avatar (38)lystraPonia
avatar (31)smith8395john
avatar (51)steakelask
avatar (45)Termoplenka
avatar (43)bycoPaist
avatar (49)pieloKat
avatar (43)ilyagNeexy
avatar (51)donitascene
avatar (51)burntLaw
avatar (41)MrDoorsskibheeds
avatar (51)Toligo
avatar (46)Rodneykak
avatar (49)tradeSmode
avatar (39)vemedProkbior
avatar (38)RobertUtelt
avatar (46)JamesZic
avatar (36)Kiran78

[-]
Online Staff
There are no staff members currently online.

>