CVE-2018-15937

Name of the Vulnerable Software and Affected Versions Adobe Acrobat and Reader versions 2018.011.20063 and earlier Adobe Acrobat and Reader versions 2017.011.30102 and earlier Adobe Acrobat and Reader versions 2015.006.30452 and earlier

Description The issue is related to an untrusted pointer dereference, which could lead to arbitrary code execution if successfully exploited. This can be achieved through a specially crafted U3D file, allowing a remote attacker to execute arbitrary code. The vulnerability affects Adobe Acrobat, Adobe Reader, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud.

Recommendations For Adobe Acrobat and Reader versions 2018.011.20063 and earlier, update to a version later than 2018.011.20063. For Adobe Acrobat and Reader versions 2017.011.30102 and earlier, update to a version later than 2017.011.30102. For Adobe Acrobat and Reader versions 2015.006.30452 and earlier, update to a version later than 2015.006.30452. As a temporary workaround, consider avoiding the use of U3D files in Adobe Acrobat and Reader until a patch is available.