Main Vulnerability Database Vulnerabilities #VU17490

Information disclosure in Adobe Reader and Adobe Acrobat - CVE-2019-7089

Published: February 12, 2019

Vulnerability identifier: #VU17490

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-7089

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Adobe

Affected software:
Adobe Reader
Adobe Acrobat

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to sensitive information and compromise the affected system.

The vulnerability exists due to data leak when processing PDF files. A remote attacker can create a specially crafted PDF document, trick the victim into opening it and gain access to sensitive information.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to mitigate CVE-2019-7089

Install updates from vendor's website.

Sources

https://helpx.adobe.com/security/products/acrobat/apsb19-07.html

Information disclosure in Adobe Reader and Adobe Acrobat - CVE-2019-7089

Detailed vulnerability description

How to mitigate CVE-2019-7089

Sources

Please verify you're human