NVD - CVE-2018-4954

Vulnerability Change Records for CVE-2018-4954

Change History

Initial Analysis by NIST 8/30/2018 8:24:12 AM

Action	Type	Old Value	New Value
Added	CVSS V3		AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Added	CVSS V2		(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added	CWE		CWE-416
Added	CPE Configuration		AND OR cpe:2.3:a:adobe:acrobat:::::classic::: versions from (including) 17.011.30059 up to (including) 17.011.30079 cpe:2.3:a:adobe:acrobat_dc:::::classic::: versions from (including) 15.006.30060 up to (including) 15.006.30417 cpe:2.3:a:adobe:acrobat_dc:::::continuous::: versions from (including) 15.008.20082 up to (including) 18.011.20038 cpe:2.3:a:adobe:acrobat_reader:::::classic::: versions from (including) 17.011.30059 up to (including) 17.011.30079 cpe:2.3:a:adobe:acrobat_reader_dc:::::classic::: versions from (including) 15.006.30060 up to (including) 15.006.30417 cpe:2.3:a:adobe:acrobat_reader_dc:::::continuous::: versions from (including) 15.008.20082 up to (including) 18.011.20038 OR cpe:2.3:o:apple:mac_os_x:-:::::::* cpe:2.3:o:microsoft:windows:-:::::::*
Added	Reference		https://www.zerodayinitiative.com/advisories/ZDI-18-442/ [Third Party Advisory]
Changed	Reference Type	http://www.securityfocus.com/bid/104169 No Types Assigned	http://www.securityfocus.com/bid/104169 Third Party Advisory, VDB Entry
Changed	Reference Type	http://www.securitytracker.com/id/1040920 No Types Assigned	http://www.securitytracker.com/id/1040920 Third Party Advisory, VDB Entry
Changed	Reference Type	https://helpx.adobe.com/security/products/acrobat/apsb18-09.html No Types Assigned	https://helpx.adobe.com/security/products/acrobat/apsb18-09.html Patch, Vendor Advisory
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism