CVE-2019-7084

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 2019.010.20070 Adobe Acrobat Reader versions prior to 2019.010.20070 Adobe Acrobat 2017 versions prior to 2017.011.30114 Adobe Acrobat Reader 2017 versions prior to 2017.011.30114 Adobe Acrobat 2015 versions prior to 2015.006.30465 Adobe Acrobat Reader 2015 versions prior to 2015.006.30465

Description The issue is related to a use-after-free vulnerability, which can be exploited by an attacker to execute arbitrary code in the context of the current user. This can be achieved by using a specially crafted PDF file. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Adobe Acrobat and Reader versions 2019.010.20069 and earlier, update to version 2019.010.20070 or later. For Adobe Acrobat 2017 version 2017.011.30113 and earlier, update to version 2017.011.30114 or later. For Adobe Acrobat 2015 version 2015.006.30464 and earlier, update to version 2015.006.30465 or later. As a temporary workaround, consider avoiding the use of Adobe Acrobat and Reader to open PDF files from untrusted sources until a patch is available.