Think you have a false positive on this rule?

Sid 1-45864

Message

FILE-PDF Adobe Acrobat Reader bookmarkRoot memory corruption attempt

Summary

This event is generated when an attempt to exploit CVE-2018-4911 is detected.

Impact

Attempted User Privilege Gain

Detailed information

Affected systems

Ease of attack

False positives

False negatives

Corrective action

Investigate the host for possible compromise. Apply all necessary patches immediately.

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • helpx.adobe.com/security/products/acrobat/apsb18-02.html