N/A

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file with crafted JavaScript code that manipulates the optional content group (OCG). A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack.

N/A

N/A

多款Adobe产品JavaScript引擎缓冲区错误漏洞

Acrobat DC Continuous Track等都是美国奥多比（Adobe）公司的产品。Acrobat DC Continuous Track是一款桌面版PDF解决方案的连续更新版本。Reader DC Continuous Track是一款PDF阅读工具的连续更新版本。JavaScript engine是其中的一个JavaScript脚本引擎。 多款Adobe产品中的JavaScript引擎存在堆溢出漏洞。攻击者可借助带有特制JavaScript代码的PDF文件利用该漏洞执行任意代码。基于Win

N/A

N/A