VOOZH

URL: https://unit42.paloaltonetworks.com/unit-42-vulnerability-research-october-2018-disclosures-adobe/

⇱ Unit 42 Vulnerability Research October 2018 Disclosures – Adobe

Vulnerabilities

Unit 42 Vulnerability Research October 2018 Disclosures – Adobe

👁 Clock Icon
< 1 min read

👁 Profile Icon
By:
- Unit 42
👁 Published Icon

Published:October 5, 2018
👁 Tags Icon
Categories:
- Threat Research
- Vulnerabilities
👁 Tags Icon
Tags:
- Adobe

Share 👁 Down arrow

As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered ten vulnerabilities addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their October 2018 APSB18-30 security update release.

CVE	Vulnerability Category	Impact	Maximum Severity Rating	Researcher(s)
CVE-2018-12769	Use After Free	Arbitrary Code Execution	Critical	Gal De Leon
CVE-2018-12832	Heap Overflow	Arbitrary Code Execution	Critical	Gal De Leon
CVE-2018-12836	Heap Overflow	Arbitrary Code Execution	Critical	Gal De Leon
CVE-2018-12846	Heap Overflow	Arbitrary Code Execution	Critical	Gal De Leon
CVE-2018-15920	Use After Free	Arbitrary Code Execution	Critical	Gal De Leon
CVE-2018-15924	Use After Free	Arbitrary Code Execution	Critical	Hui Gao
CVE-2018-15922	Out-of-bounds read	Information Disclosure	Important	Bo Qu and Zhibin Zhang
CVE-2018-15923	Out-of-bounds read	Information Disclosure	Important	Bo Qu and Zhibin Zhang
CVE-2018-15925	Out-of-bounds read	Information Disclosure	Important	Hui Gao
CVE-2018-15968	Out-of-bounds read	Information Disclosure	Important	Hui Gao

Palo Alto Networks customers who deploy our Next-Generation Security Platform are protected from zero-day vulnerabilities such as these. Weaponized exploits for these vulnerabilities are prevented by Traps multi-layered exploit prevention capabilities. Threat prevention capabilities such as application control, IPS, and WildFire provide our customers with comprehensive protection and automatic updates against previously unknown threats.

Palo Alto Networks is a regular contributor to vulnerability research in Microsoft, Adobe, Apple, Google Android and other ecosystems. By proactively identifying these vulnerabilities, developing protections for our customers, and sharing the information with the security community, we are removing weapons used by attackers to threaten users, and compromise enterprise, government, and service provider networks.

Tags

Adobe

Threat Research Center Next: NOKKI Almost Ties the Knot with DOGCALL: Reaper Group Uses New Malware to Deploy RAT

Related Articles

Related Vulnerabilities Resources

👁 Pictorial representation of PAN-OS CVE-2026-0257. A vibrant city skyline at night, with tall skyscrapers and glowing digital beams extending into the sky, suggesting advanced technology and connectivity.

👁 category icon
High Profile Threats June 9, 2026

Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257

Read now 👁 Right arrow

👁 Pictorial representation of CVE-2026-30300. Digital illustration of a map of North America with interconnected glowing lines and dots symbolizing network connections across the continent.

👁 category icon
High Profile Threats May 6, 2026

Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution

Read now 👁 Right arrow

👁 Pictorial representation of a severe Linux vulnerability. Close-up of a woman wearing glasses and focusing intently on a computer screen.

👁 category icon
High Profile Threats May 5, 2026

Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years

Read now 👁 Right arrow

👁 Pictorial representation of CVE-2023-33538. Abstract image of a glowing red Wi-Fi symbol on a circuit board, with intricate patterns and a futuristic appearance.

👁 category icon
Threat Research April 16, 2026

A Deep Dive Into Attempted Exploitation of CVE-2023-33538

Read now 👁 Right arrow

👁 Pictorial representation of BeyondTrust vulnerability CVE-2026-1731. Digital art depicting a stylized mountain range with vibrant blue and red hues. The peaks are accentuated by glowing particles and an abstract, starry backdrop, creating a futuristic landscape.

👁 category icon
High Profile Threats February 19, 2026

VShell and SparkRAT Observed in Exploitation of BeyondTrust Critical Vulnerability (CVE-2026-1731)

Read now 👁 Right arrow

👁 category icon
High Profile Threats February 17, 2026

Critical Vulnerabilities in Ivanti EPMM Exploited

Read now 👁 Right arrow

👁 Pictorial representation of CVE-2025-0921. Digital illustration of a map of North America with interconnected glowing lines and dots symbolizing network connections across the continent.

👁 category icon
Threat Research January 30, 2026

Privileged File System Vulnerability Present in a SCADA System

Read now 👁 Right arrow

👁 Pictorial representation of MongoBleed, CVE-2025-14847. Digital image featuring a glowing padlock icon superimposed on a background of streaming blue binary code, symbolizing cybersecurity.

👁 category icon
High Profile Threats January 13, 2026

Threat Brief: MongoDB Vulnerability (CVE-2025-14847)

Read now 👁 Right arrow

👁 Pictorial representation of remote code execution in AI and machine learning libraries. Close-up of a woman wearing glasses and focusing intently on a computer screen.

👁 category icon
Threat Research January 13, 2026

Remote Code Execution With Modern AI/ML Formats and Libraries

Read now 👁 Right arrow

👁 Pictorial representation of CVE-2025-55182 (React) and CVE-2025-66478 (Next.js). Close-up of a digital display on electronic equipment with illuminated text reading "SYSTEM HACKED" in red, set against a blurred background of blue and red lights.

👁 category icon
High Profile Threats December 12, 2025

Exploitation of Critical Vulnerability in React Server Components (Updated December 12)

Read now 👁 Right arrow

Get the latest news, invites to events, and threat alerts

Products and Services

Company

Popular Links

Default Heading

Read the article 👁 Right Arrow