PT-2019-4361 · Adobe · Acrobat+1
Published
2019-05-14
·
Updated
2019-10-28
·
CVE-2019-8238
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Adobe Acrobat and Reader versions 2019.010.20100 and earlier
Adobe Acrobat and Reader versions 2017.011.30140 and earlier
Adobe Acrobat and Reader versions 2015.006.30495 and earlier
Description
The issue is related to a Path Traversal vulnerability. This vulnerability exists due to incorrect restriction of the path name to a directory with limited access. Successful exploitation could lead to Information Disclosure in the context of the current user. An attacker, acting remotely, may be able to disclose protected information.
Recommendations
For Adobe Acrobat and Reader versions 2019.010.20100 and earlier, update to a version later than 2019.010.20100 to resolve the issue.
For Adobe Acrobat and Reader versions 2017.011.30140 and earlier, update to a version later than 2017.011.30140 to resolve the issue.
For Adobe Acrobat and Reader versions 2015.006.30495 and earlier, update to a version later than 2015.006.30495 to resolve the issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acrobat
Reader