Adobe Reader <= 15.006.30456 / 17.011.30105 / 19.008.20080 NTLM SSO Hash Theft (APSB18-40)
Medium Nessus Plugin ID 118932
SynopsisThe version of Adobe Reader installed on the remote Windows host is affected by an information disclosure vulnerability.
DescriptionThe version of Adobe Reader installed on the remote Windows host is a version prior or equal to 2015.006.30456, 2017.011.30105, or 2019.008.20080. It is, therefore, affected by an information disclosure vulnerability that could leak NTLM SSO Hashes to an attacker.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Adobe Reader 2015.006.30457 / 2017.011.30106 / 2019.008.20081 or later.