Vulnerability CVE-2019-7815


Published: 2019-05-24

Description:
Adobe Acrobat and Reader versions 2019.010.20091 and earlier, 2019.010.20091 and earlier, 2017.011.30120 and earlier version, and 2015.006.30475 and earlier have a data leakage (sensitive) vulnerability. Successful exploitation could lead to information disclosure.

Type:

CWE-200

(Information Exposure)

Vendor: Adobe
Product: Acrobat reader dc 
Version:
19.010.20069
19.010.20064
19.008.20081
19.008.20080
19.008.20074
19.008.20071
18.011.20063
18.011.20055
18.011.20040
18.011.20038
18.009.20050
18.009.20044
17.012.20098
17.012.20095
17.012.20093
17.011.30113
17.011.30110
17.011.30106
17.011.30105
17.011.30102
17.011.30099
17.011.30096
17.011.30080
17.011.30079
17.011.30078
17.011.30070
17.011.30068
17.011.30066
17.011.30065
17.011.30059
17.009.20058
17.009.20044
17.000.0000
15.023.20070
15.023.20056
15.023.20053
15.020.20042
15.020.20039
15.017.20053
15.017.20050
See more versions on NVD
Product: Acrobat dc 
Version:
19.010.20069
19.010.20064
19.008.20081
19.008.20080
19.008.20074
19.008.20071
18.011.20063
18.011.20058
18.011.20055
18.011.20040
18.011.20038
18.009.20050
18.009.20044
17.012.20098
17.012.20096
17.012.20095
17.012.20093
17.011.30113
17.011.30110
17.011.30106
17.011.30105
17.011.30102
17.011.30099
17.011.30096
17.011.30080
17.011.30079
17.011.30078
17.011.30070
17.011.30068
17.011.30066
17.011.30065
17.011.30059
17.011.30056
17.009.20058
17.009.20044
17.000.0000
15.023.20070
15.023.20056
15.023.20053
15.020.20042
15.020.20039
15.017.20053
See more versions on NVD
Product: Acrobat 
Version:
17.011.30113
17.011.30110
17.011.30106
17.011.30105
17.011.30102
17.011.30099
17.011.30096
17.011.30080
17.011.30079
17.011.30078
17.011.30070
17.011.30068
17.011.30065
17.011.30059
17.011.30056
See more versions on NVD
Product: Acrobat reader 
Version:
17.011.30102
17.011.30096
17.011.30059
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None

 References:
https://helpx.adobe.com/security/products/acrobat/apsb19-13.html

Related CVE
CVE-2019-8076
Adobe application manager installer version 10.0 have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
CVE-2019-8070
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
CVE-2019-8069
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
CVE-2019-8001
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-8000
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
CVE-2019-7999
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound read vulnerability. Successful exploitation could lead to memory leak.
CVE-2019-7998
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-7997
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.

Copyright 2019, cxsecurity.com

 

Back to Top