CVE-2019-7078

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 2019.010.20070 Adobe Acrobat Reader versions prior to 2019.010.20070 Adobe Acrobat 2017 versions prior to 2017.011.30114 Adobe Acrobat Reader 2017 versions prior to 2017.011.30114 Adobe Acrobat 2015 versions prior to 2015.006.30465 Adobe Acrobat Reader 2015 versions prior to 2015.006.30465

Description The issue is related to a use-after-free vulnerability in Adobe Acrobat and Reader. This vulnerability can be exploited by a remote attacker using a specially crafted PDF file, potentially allowing them to execute arbitrary code in the context of the current user.

Recommendations For Adobe Acrobat and Adobe Acrobat Reader versions 2019.010.20069 and earlier, update to version 2019.010.20070 or later. For Adobe Acrobat 2017 and Adobe Acrobat Reader 2017 version 2017.011.30113 and earlier, update to version 2017.011.30114 or later. For Adobe Acrobat 2015 and Adobe Acrobat Reader 2015 version 2015.006.30464 and earlier, update to version 2015.006.30465 or later. As a temporary workaround, consider avoiding the use of the HTML2PDF HTML parsing functionality until a patch is available.