PT-2019-3402 · Adobe · Acrobat+5
Mr_Me
+1
·
Published
2019-05-14
·
Updated
2020-08-24
·
CVE-2019-7828
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Acrobat versions prior to 2019.010.20101
Adobe Acrobat Reader versions prior to 2019.010.20101
Adobe Acrobat 2017 versions prior to 2017.011.30141
Adobe Acrobat Reader 2017 versions prior to 2017.011.30141
Adobe Acrobat 2015 versions prior to 2015.006.30496
Adobe Acrobat Reader 2015 versions prior to 2015.006.30496
Description
The issue is related to a heap overflow vulnerability in Adobe Acrobat and Reader. This vulnerability can be exploited by a remote attacker to execute arbitrary code. The heap overflow occurs due to an operation exceeding the boundaries of a buffer in memory.
Recommendations
For Adobe Acrobat and Reader versions 2019.010.20100 and earlier, update to version 2019.010.20101 or later.
For Adobe Acrobat and Reader 2017 versions 2017.011.30140 and earlier, update to version 2017.011.30141 or later.
For Adobe Acrobat and Reader 2015 versions 2015.006.30495 and earlier, update to version 2015.006.30496 or later.
As a temporary workaround, consider restricting access to PDF files from untrusted sources until a patch is applied.
Fix
Buffer Overflow
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Acrobat
Acrobat 2015
Acrobat 2017
Acrobat Reader
Acrobat Reader 2015
Acrobat Reader 2017