PT-2019-5571 · Adobe · Acrobat+5

Publicado

2019-02-12

·

Atualizado

2019-08-21

·

CVE-2019-7083

CVSS v3.1

10

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 2019.010.20069 Adobe Acrobat Reader versions prior to 2019.010.20069 Adobe Acrobat 2017 versions prior to 2017.011.30113 Adobe Acrobat Reader 2017 versions prior to 2017.011.30113 Adobe Acrobat 2015 versions prior to 2015.006.30464 Adobe Acrobat Reader 2015 versions prior to 2015.006.30464
Description The issue is related to a use-after-free vulnerability, which can be exploited by an attacker to execute arbitrary code in the context of the current user. This can be achieved by using a specially crafted PDF file. The estimated number of potentially affected devices worldwide is not specified.
Recommendations For Adobe Acrobat versions prior to 2019.010.20069, update to version 2019.010.20069 or later. For Adobe Acrobat Reader versions prior to 2019.010.20069, update to version 2019.010.20069 or later. For Adobe Acrobat 2017 versions prior to 2017.011.30113, update to version 2017.011.30113 or later. For Adobe Acrobat Reader 2017 versions prior to 2017.011.30113, update to version 2017.011.30113 or later. For Adobe Acrobat 2015 versions prior to 2015.006.30464, update to version 2015.006.30464 or later. For Adobe Acrobat Reader 2015 versions prior to 2015.006.30464, update to version 2015.006.30464 or later.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

BDU:2020-04244
CVE-2019-7083

Produtos afetados

Acrobat
Acrobat 2015
Acrobat 2017
Acrobat Reader
Acrobat Reader 2015
Acrobat Reader 2017