Multiple vulnerabilities in Adobe Reader and Acrobat
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 71 |
| CVE-ID | CVE-2019-7020 CVE-2019-7085 CVE-2019-7089 CVE-2019-7080 CVE-2019-7030 CVE-2019-7021 CVE-2019-7022 CVE-2019-7023 CVE-2019-7024 CVE-2019-7028 CVE-2019-7032 CVE-2019-7033 CVE-2019-7034 CVE-2019-7035 CVE-2019-7036 CVE-2019-7038 CVE-2019-7045 CVE-2019-7047 CVE-2019-7049 CVE-2019-7053 CVE-2019-7055 CVE-2019-7056 CVE-2019-7057 CVE-2019-7058 CVE-2019-7059 CVE-2019-7063 CVE-2019-7064 CVE-2019-7065 CVE-2019-7067 CVE-2019-7071 CVE-2019-7073 CVE-2019-7074 CVE-2019-7081 CVE-2018-19725 CVE-2019-7041 CVE-2019-7019 CVE-2019-7027 CVE-2019-7037 CVE-2019-7039 CVE-2019-7052 CVE-2019-7060 CVE-2019-7079 CVE-2019-7069 CVE-2019-7086 CVE-2019-7087 CVE-2019-7042 CVE-2019-7046 CVE-2019-7051 CVE-2019-7054 CVE-2019-7066 CVE-2019-7076 CVE-2019-7018 CVE-2019-7025 CVE-2019-7026 CVE-2019-7029 CVE-2019-7031 CVE-2019-7040 CVE-2019-7043 CVE-2019-7044 CVE-2019-7048 CVE-2019-7050 CVE-2019-7062 CVE-2019-7068 CVE-2019-7070 CVE-2019-7072 CVE-2019-7075 CVE-2019-7077 CVE-2019-7078 CVE-2019-7082 CVE-2019-7083 CVE-2019-7084 |
| CWE-ID | CWE-119 CWE-200 CWE-415 CWE-190 CWE-125 CWE-264 CWE-787 CWE-843 CWE-822 CWE-416 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #33 is available. |
| Vulnerable software Subscribe |
Adobe Reader Client/Desktop applications / Office applications Adobe Acrobat Client/Desktop applications / Office applications |
| Vendor | Adobe |
Security Bulletin
This security bulletin contains information about 71 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU17478
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7020
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU17479
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7085
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU17490
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7089
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information and compromise the affected system.
The vulnerability exists due to data leak when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and gain access to sensitive information.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Double free
EUVDB-ID: #VU17480
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-7080
CWE-ID:
CWE-415 - Double Free
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, trigger a double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
5) Integer overflow
EUVDB-ID: #VU17489
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7030
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information and execute arbitrary code on the target system.
The vulnerability exists due to integer overflow when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger integer overflow and gain access to sensitive information.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU17491
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7021
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds read
EUVDB-ID: #VU17492
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7022
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Out-of-bounds read
EUVDB-ID: #VU17493
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7023
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Out-of-bounds read
EUVDB-ID: #VU17494
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7024
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Out-of-bounds read
EUVDB-ID: #VU17495
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7028
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds read
EUVDB-ID: #VU17496
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7032
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Out-of-bounds read
EUVDB-ID: #VU17497
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7033
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Out-of-bounds read
EUVDB-ID: #VU17498
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7034
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Out-of-bounds read
EUVDB-ID: #VU17499
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7035
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Out-of-bounds read
EUVDB-ID: #VU17500
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7036
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Out-of-bounds read
EUVDB-ID: #VU17501
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7038
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Out-of-bounds read
EUVDB-ID: #VU17502
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7045
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Out-of-bounds read
EUVDB-ID: #VU17503
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7047
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Out-of-bounds read
EUVDB-ID: #VU17504
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7049
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Out-of-bounds read
EUVDB-ID: #VU17505
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7053
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Out-of-bounds read
EUVDB-ID: #VU17506
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7055
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Out-of-bounds read
EUVDB-ID: #VU17507
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7056
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Out-of-bounds read
EUVDB-ID: #VU17508
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7057
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Out-of-bounds read
EUVDB-ID: #VU17509
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7058
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Out-of-bounds read
EUVDB-ID: #VU17510
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7059
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Out-of-bounds read
EUVDB-ID: #VU17511
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7063
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Out-of-bounds read
EUVDB-ID: #VU17512
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7064
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Out-of-bounds read
EUVDB-ID: #VU17513
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7065
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Out-of-bounds read
EUVDB-ID: #VU17514
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7067
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Out-of-bounds read
EUVDB-ID: #VU17515
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7071
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Out-of-bounds read
EUVDB-ID: #VU17516
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7073
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Out-of-bounds read
EUVDB-ID: #VU17517
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7074
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Out-of-bounds read
EUVDB-ID: #VU17518
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-7081
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds read error and gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
34) Security restrictions bypass
EUVDB-ID: #VU17521
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-19725
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to an error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, bypass implemented security restrictions and compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Security restrictions bypass
EUVDB-ID: #VU17522
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7041
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to an error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, bypass implemented security restrictions and compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Out-of-bounds write
EUVDB-ID: #VU17482
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7019
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Out-of-bounds write
EUVDB-ID: #VU17483
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7027
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Out-of-bounds write
EUVDB-ID: #VU17484
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7037
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Out-of-bounds write
EUVDB-ID: #VU17485
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7039
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Out-of-bounds write
EUVDB-ID: #VU17486
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7052
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Out-of-bounds write
EUVDB-ID: #VU17487
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7060
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Out-of-bounds write
EUVDB-ID: #VU17488
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7079
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it, trigger out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Type confusion
EUVDB-ID: #VU17523
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7069
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a type confusion error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Type confusion
EUVDB-ID: #VU17524
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7086
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a type confusion error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Type confusion
EUVDB-ID: #VU17525
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7087
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a type confusion error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and compromise vulnerable system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Untrusted pointer dereference
EUVDB-ID: #VU17526
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7042
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to untrusted pointer dereference when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Untrusted pointer dereference
EUVDB-ID: #VU17527
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7046
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to untrusted pointer dereference when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Untrusted pointer dereference
EUVDB-ID: #VU17528
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7051
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to untrusted pointer dereference when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Untrusted pointer dereference
EUVDB-ID: #VU17529
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7054
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to untrusted pointer dereference when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Untrusted pointer dereference
EUVDB-ID: #VU17530
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7066
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to untrusted pointer dereference when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Untrusted pointer dereference
EUVDB-ID: #VU17531
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7076
CWE-ID:
CWE-822 - Untrusted Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to untrusted pointer dereference when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Use-after-free
EUVDB-ID: #VU17532
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7018
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Use-after-free
EUVDB-ID: #VU17534
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7025
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Use-after-free
EUVDB-ID: #VU17535
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7026
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Use-after-free
EUVDB-ID: #VU17536
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7029
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Use-after-free
EUVDB-ID: #VU17537
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7031
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Use-after-free
EUVDB-ID: #VU17538
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7040
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Use-after-free
EUVDB-ID: #VU17539
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7043
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Use-after-free
EUVDB-ID: #VU17540
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7044
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Use-after-free
EUVDB-ID: #VU17541
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7048
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Use-after-free
EUVDB-ID: #VU17542
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7050
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Use-after-free
EUVDB-ID: #VU17543
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7062
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Use-after-free
EUVDB-ID: #VU17544
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7068
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Use-after-free
EUVDB-ID: #VU17545
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7070
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Use-after-free
EUVDB-ID: #VU17546
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7072
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Use-after-free
EUVDB-ID: #VU17547
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7075
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Use-after-free
EUVDB-ID: #VU17548
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7077
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Use-after-free
EUVDB-ID: #VU17549
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7078
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Use-after-free
EUVDB-ID: #VU17550
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7082
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Use-after-free
EUVDB-ID: #VU17551
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7083
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Use-after-free
EUVDB-ID: #VU17552
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-7084
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and execute arbitrary code on the target system.
Install updates from vendor's website.
Vulnerable software versionsAdobe Reader: 2015.006.30306 - 2019.010.20069
Adobe Acrobat: 15.006.30306 - 19.010.20069
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb19-07.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
