Main Vulnerability Database Vulnerabilities #VU17820

#VU17820 Information disclosure in Adobe Reader and Adobe Acrobat - CVE-2019-7815

Published: February 21, 2019

Vulnerability identifier: #VU17820

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2019-7815

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Adobe Reader
Adobe Acrobat

Software vendor:
Adobe

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to insufficient measures, implemented in patch for Adobe Acrobat and Reader in versions 2019.010.20091, 2017.011.30120 and 2015.006.30475, described in SB2019021207 #3 (CVE-2019-7089). A remote attacker can bypass implemented protection and gain unauthorized access to sensitive information on the system.

Remediation

Install updates from vendor's website.

External links

https://helpx.adobe.com/security/products/acrobat/apsb19-13.html

#VU17820 Information disclosure in Adobe Reader and Adobe Acrobat - CVE-2019-7815

Description

Remediation

External links

Please verify you're human