CISA Added Adobe and Cisco vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2023-21608 & CVE-2023-20109)

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has acknowledged the active exploitation of two vulnerabilities. CISA added the vulnerabilities to its Known Exploited Vulnerabilities Catalog on Tuesday. CISA has recommended that users apply the vendor-released patches before October 31, 2023, to secure their networks against potential threats. The two vulnerabilities added by CISA are: CVE-2023-21608 CVE-2023-20109

Adobe Acrobat Reader OCG Heap-based Buffer Overflow : CVE-2018-4910

A heap overflow vulnerability was discovered in Adobe Acrobat Pro DC. The issue occurs due to improper handling of OCG content. Upon successful exploitation an attacker can corrupt memory,control-flow hijack. CVE-2018-4910 has been assigned to track this vulnerability.The issue affects Adobe Acrobat Pro DC 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions Vulnerability … Continue reading “Adobe Acrobat Reader OCG Heap-based Buffer Overflow : CVE-2018-4910”