CVE-2019-8160

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 2019.012.20040 Adobe Acrobat Reader versions prior to 2019.012.20040 Adobe Acrobat 2017 versions prior to 2017.011.30148 Adobe Acrobat Reader 2017 versions prior to 2017.011.30148 Adobe Acrobat 2015 versions prior to 2015.006.30503 Adobe Acrobat Reader 2015 versions prior to 2015.006.30503

Description The issue is related to the lack of input data sanitization in Adobe Acrobat and Reader, which can be exploited by a remote attacker to disclose protected information. This is a cross-site scripting vulnerability that could lead to information disclosure if successfully exploited.

Recommendations For Adobe Acrobat and Adobe Acrobat Reader versions prior to 2019.012.20040, update to version 2019.012.20040 or later. For Adobe Acrobat 2017 and Adobe Acrobat Reader 2017 versions prior to 2017.011.30148, update to version 2017.011.30148 or later. For Adobe Acrobat 2015 and Adobe Acrobat Reader 2015 versions prior to 2015.006.30503, update to version 2015.006.30503 or later. As a temporary workaround, consider restricting access to sensitive information until the issue is resolved.