Vulnerability Name: | CVE-2019-7796 (CCN-160817) | ||||||||||||
Assigned: | 2019-05-14 | ||||||||||||
Published: | 2019-05-14 | ||||||||||||
Updated: | 2019-08-21 | ||||||||||||
Summary: | Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||||||||||
CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-416 | ||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2019-7796 Source: BID Type: Third Party Advisory, VDB Entry 108320 Source: XF Type: UNKNOWN adobe-reader-cve20197796-code-exec(160817) Source: CCN Type: Adobe Security Bulletin APSB19-18 Security Updates Available for Adobe Acrobat and Reader Source: CONFIRM Type: Patch, Vendor Advisory https://helpx.adobe.com/security/products/acrobat/apsb19-18.html Source: CCN Type: ZDI-19-496 Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Remote Code Execution Vulnerability Source: CCN Type: ZDI-19-496 Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Remote Code Execution Vulnerability Source: MISC Type: Third Party Advisory, VDB Entry https://www.zerodayinitiative.com/advisories/ZDI-19-496/ | ||||||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
BACK |