1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Adobe Acrobat and Reader Double Free Vulnerability

Known Exploited Vulnerabilities CVE-2018-4990 Mappings

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2018-4990 Adobe Acrobat and Reader Double Free Vulnerability exploitation_technique T1059.007 JavaScript
Comments
This vulnerability is exploited via embedded javascript within a user-executed malicious pdf. There are two mapped exploitation_technqiues for this CVE.
References
  1. https://srcincite.io/blog/2018/05/21/adobe-me-and-a-double-free.html
CVE-2018-4990 Adobe Acrobat and Reader Double Free Vulnerability exploitation_technique T1204.002 Malicious File
Comments
This vulnerability is exploited via embedded javascript within a user-executed malicious pdf. There are two mapped exploitation_technqiues for this CVE.
References
  1. https://srcincite.io/blog/2018/05/21/adobe-me-and-a-double-free.html