CVE-2019-7114 — Out-of-bounds Read in Adobe Acrobat DC

CWE-125 — Out-of-bounds Read5 documents5 sources

Severity

7.5HIGHNVD

EPSS

2.4%

top 14.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat DC Adobe Acrobat Reader DC Adobe Acrobat AND Reader

Timeline

PublishedMay 23

Latest updateMay 24

Description

Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶NVDadobe/acrobat_reader_dc15.006.30060 — 15.006.30493+2

▶CVEListV5adobe/adobe_acrobat_and_reader2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier versions

▶NVDadobe/acrobat_dc15.006.30060 — 15.006.30493+2

Patches

Patch: helpx.adobe.com ↗Patch: helpx.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-jh3r-wp2v-g2f5: Adobe Acrobat and Reader versions 2019↗2022-05-24

▶

CVEList

CVE-2019-7114: Adobe Acrobat and Reader versions 2019↗2019-05-23

▶

💥Exploits & PoCs

Exploit-DB

Netartmedia Event Portal 2.0 - 'Email' SQL Injection↗2019-03-19

▶

🕵️Threat Intelligence

Zscaler

Zscaler found Adobe Security Vulnerabilities | 04-09-2019↗

▶