FILE-OTHER -- Snort detected traffic targeting vulnerabilities in a file type that does not require enough rule coverage to have its own category.
FILE-OTHER Adobe Acrobat Pro EMF use-after-free attempt
This event is generated when an attempt to exploit CVE-2018-12796, a use-after-free vulnerability in Adobe Acrobat Pro, is detected over SMTP.
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the current user.
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2018-12796Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
||Ease of Access||