Main Vulnerability Database Vulnerabilities #VU17820

Information disclosure in Adobe Reader and Adobe Acrobat - CVE-2019-7815

Published: February 21, 2019

Vulnerability identifier: #VU17820

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-7815

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Adobe

Affected software:
Adobe Reader
Adobe Acrobat

Detailed vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to insufficient measures, implemented in patch for Adobe Acrobat and Reader in versions 2019.010.20091, 2017.011.30120 and 2015.006.30475, described in SB2019021207 #3 (CVE-2019-7089). A remote attacker can bypass implemented protection and gain unauthorized access to sensitive information on the system.

How to mitigate CVE-2019-7815

Install updates from vendor's website.

Sources

https://helpx.adobe.com/security/products/acrobat/apsb19-13.html

Information disclosure in Adobe Reader and Adobe Acrobat - CVE-2019-7815

Detailed vulnerability description

How to mitigate CVE-2019-7815

Sources

Please verify you're human