CVE-2016-7889Sensitive Information Exposure in Adobe Digital Editions

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
7.5HIGHNVD
EPSS
2.0%
top 16.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Digital Editions
Timeline
PublishedDec 15
Latest updateMay 17

Description

Adobe Digital Editions versions 4.5.2 and earlier has an issue with parsing crafted XML entries that could lead to information disclosure.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-4298-8gmh-8f82: Adobe Digital Editions versions 42022-05-17
CVEList
CVE-2016-7889: Adobe Digital Editions versions 42016-12-15
CVE-2016-7889 — Sensitive Information Exposure in Adobe | cvebase