FILE-PDF -- Snort has detected suspicious traffic related to a PDF file. PDFs are easily exploitable. They include many ways to encapsulate data and are often targeted by attackers, who use the PDF's household name status for social engineering. Therefore, Snort includes Many PDF-targeted rules.
FILE-PDF Adobe Reader XFA nested subforms out-of-bounds read attempt
This event is generated when a crafted PDF file containing JavaScript manipulating XFA subforms traverses the network Impact: Attempted User Privilege Gain Details: This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XML Forms Architecture Engine (XFA) manipulated through the JavaScript API. A malformed input leads to flawed computation that involves pointer offset arithmetic which does not adequately account for the buffer boundaries. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-12757 |
Loading description
|