Kaspersky Threats

Detect date

?

05/14/2019

Severity

?

Critical

Description

Multiple vulnerabilities were found in Adobe Acrobat&Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code.

Below is a complete list of vulnerabilities:

Out-of-bounds read vulnerability in Adobe Acrobat and Reader can be exploited to obtain sensitive information;
Out-of-bounds write vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code;
Type confusion vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code;
Use after free vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code;
Heap overflow vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code;
Buffer error vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code;
Double free vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code;
Security bypass vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code;
Path traversal vulnerability can be exploited to obtain sensitive information.

Affected products

Acrobat DC Continuous 2019.010.20100 and earlier versions
Acrobat Reader DC Continuous 2019.010.20099 and earlier versions
Acrobat 2017 2017.011.30140 and earlier version
Acrobat Reader 2017.011.30138 and earlier version
Acrobat DC Classic 2015.006.30495 and earlier versions
Acrobat Reader DC Classic 2015.006.30493 and earlier versions

Solution

Update to the latest version
Download Adobe Acrobat Reader DC

Original advisories

APSB19-18

Impacts

?

ACE

[?]

OSI

[?]

Related products

Adobe Acrobat Reader DC Continuous
Adobe Acrobat Reader DC Classic
Adobe Acrobat DC Continuous
Adobe Acrobat DC Classic
Adobe Acrobat Reader 2017
Adobe Acrobat 2017

CVE-IDS

?

Detect date ?	05/14/2019
Severity ?	Critical
Description	Multiple vulnerabilities were found in Adobe Acrobat&Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code. Below is a complete list of vulnerabilities: Out-of-bounds read vulnerability in Adobe Acrobat and Reader can be exploited to obtain sensitive information; Out-of-bounds write vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code; Type confusion vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code; Use after free vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code; Heap overflow vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code; Buffer error vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code; Double free vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code; Security bypass vulnerability in Adobe Acrobat and Reader can be exploited to execute arbitrary code; Path traversal vulnerability can be exploited to obtain sensitive information.
Affected products	Acrobat DC Continuous 2019.010.20100 and earlier versions Acrobat Reader DC Continuous 2019.010.20099 and earlier versions Acrobat 2017 2017.011.30140 and earlier version Acrobat Reader 2017.011.30138 and earlier version Acrobat DC Classic 2015.006.30495 and earlier versions Acrobat Reader DC Classic 2015.006.30493 and earlier versions
Solution	Update to the latest version Download Adobe Acrobat Reader DC
Original advisories	APSB19-18
Impacts ?	ACE [?] OSI [?]
Related products	Adobe Acrobat Reader DC Continuous Adobe Acrobat Reader DC Classic Adobe Acrobat DC Continuous Adobe Acrobat DC Classic Adobe Acrobat Reader 2017 Adobe Acrobat 2017
CVE-IDS ?	CVE-2019-78410.0Unknown CVE-2019-78360.0Unknown CVE-2019-78260.0Unknown CVE-2019-78130.0Unknown CVE-2019-78120.0Unknown CVE-2019-78110.0Unknown CVE-2019-78100.0Unknown CVE-2019-78030.0Unknown CVE-2019-78020.0Unknown CVE-2019-78010.0Unknown CVE-2019-77990.0Unknown CVE-2019-77980.0Unknown CVE-2019-77950.0Unknown CVE-2019-77940.0Unknown CVE-2019-77930.0Unknown CVE-2019-77900.0Unknown CVE-2019-77890.0Unknown CVE-2019-77870.0Unknown CVE-2019-77800.0Unknown CVE-2019-77780.0Unknown CVE-2019-77770.0Unknown CVE-2019-77760.0Unknown CVE-2019-77750.0Unknown CVE-2019-77740.0Unknown CVE-2019-77730.0Unknown CVE-2019-77710.0Unknown CVE-2019-77700.0Unknown CVE-2019-77690.0Unknown CVE-2019-77580.0Unknown CVE-2019-71450.0Unknown CVE-2019-71440.0Unknown CVE-2019-71430.0Unknown CVE-2019-71420.0Unknown CVE-2019-71410.0Unknown CVE-2019-71400.0Unknown CVE-2019-78290.0Unknown CVE-2019-78250.0Unknown CVE-2019-78220.0Unknown CVE-2019-78180.0Unknown CVE-2019-78040.0Unknown CVE-2019-78000.0Unknown CVE-2019-78200.0Unknown CVE-2019-78350.0Unknown CVE-2019-78340.0Unknown CVE-2019-78330.0Unknown CVE-2019-78320.0Unknown CVE-2019-78310.0Unknown CVE-2019-78300.0Unknown CVE-2019-78230.0Unknown CVE-2019-78210.0Unknown CVE-2019-78170.0Unknown CVE-2019-78140.0Unknown CVE-2019-78090.0Unknown CVE-2019-78080.0Unknown CVE-2019-78070.0Unknown CVE-2019-78060.0Unknown CVE-2019-78050.0Unknown CVE-2019-77970.0Unknown CVE-2019-77960.0Unknown CVE-2019-77920.0Unknown CVE-2019-77910.0Unknown CVE-2019-77880.0Unknown CVE-2019-77860.0Unknown CVE-2019-77850.0Unknown CVE-2019-77830.0Unknown CVE-2019-77820.0Unknown CVE-2019-77810.0Unknown CVE-2019-77720.0Unknown CVE-2019-77680.0Unknown CVE-2019-77670.0Unknown CVE-2019-77660.0Unknown CVE-2019-77650.0Unknown CVE-2019-77640.0Unknown CVE-2019-77630.0Unknown CVE-2019-77620.0Unknown CVE-2019-77610.0Unknown CVE-2019-77600.0Unknown CVE-2019-77590.0Unknown CVE-2019-78280.0Unknown CVE-2019-78270.0Unknown CVE-2019-78240.0Unknown CVE-2019-77840.0Unknown CVE-2019-77790.0Unknown CVE-2019-79670.0Unknown CVE-2019-79660.0Unknown CVE-2019-82380.0Unknown