| Vulnerability Name: | CVE-2019-7090 (CCN-156652) | ||||||||||||
| Assigned: | 2019-02-12 | ||||||||||||
| Published: | 2019-02-12 | ||||||||||||
| Updated: | 2021-09-08 | ||||||||||||
| Summary: | Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||||||||||
| CVSS v3 Severity: | 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) 5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-125 | ||||||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2019-7090 Source: XF Type: UNKNOWN adobe-flash-cve20197090-info-disc(156652) Source: CCN Type: Adobe Security Bulletin APSB19-06 Security updates available for Adobe Flash Player Source: CONFIRM Type: Vendor Advisory https://helpx.adobe.com/security/products/flash-player/apsb19-06.html Source: CCN Type: ZDI-19-219 Adobe Flash Player ActionScript Vector Out-Of-Bounds Read Information Disclosure Vulnerability | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||