Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader

Description

Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to obtain sensitive information and execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Multiple out-of-bound read vulnerabilities can be exploited to obtain sensitive information;
2. Multiple out-of-bounds write vulnerabilities can be exploited to execute arbitrary code;
3. A command injection vulnerability can be exploited to execute arbitrary code;
4. Multiple use-after-free vulnerabilities can be exploited to execute arbitrary code;
5. Multiple heap overflow vulnerabilities can be exploited to execute arbitrary code;
6. A buffer error vulnerability can be exploited to execute arbitrary code;
7. A double free vulnerability can be exploited to execute arbitrary code;
8. Multiple integer overflow vulnerabilities can be exploited to obtain sensitive information;
9. An internal IP disclosure vulnerability can be exploited to obtain sensitive information;
10. A type confusion vulnerability can be exploited to execute arbitrary code;
11. Multiple untrusted pointer dereference vulnerabilities can be exploited to execute arbitrary code;
12. Insufficiently Robust Encryption can be exploited to bypass security restrictions;

Original advisories

• APSB19-41

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Adobe-Acrobat-Reader-DC-Continuous
• Adobe-Acrobat-Reader-DC-Classic
• Adobe-Acrobat-DC-Continuous
• Adobe-Acrobat-DC-Classic
• Adobe-Acrobat-Reader-2017
• Adobe-Acrobat-2017

CVE list

• CVE-2019-8077
  warning
• CVE-2019-8094
  warning
• CVE-2019-8095
  warning
• CVE-2019-8096
  warning
• CVE-2019-8102
  warning
• CVE-2019-8103
  warning
• CVE-2019-8104
  warning
• CVE-2019-8105
  warning
• CVE-2019-8106
  warning
• CVE-2019-8002
  warning
• CVE-2019-8004
  warning
• CVE-2019-8005
  warning
• CVE-2019-8007
  warning
• CVE-2019-8010
  warning
• CVE-2019-8011
  warning
• CVE-2019-8012
  warning
• CVE-2019-8018
  warning
• CVE-2019-8020
  warning
• CVE-2019-8021
  warning
• CVE-2019-8032
  warning
• CVE-2019-8035
  warning
• CVE-2019-8037
  warning
• CVE-2019-8040
  warning
• CVE-2019-8043
  warning
• CVE-2019-8052
  warning
• CVE-2019-8098
  critical
• CVE-2019-8100
  critical
• CVE-2019-7965
  critical
• CVE-2019-8008
  high
• CVE-2019-8009
  critical
• CVE-2019-8016
  critical
• CVE-2019-8022
  critical
• CVE-2019-8023
  critical
• CVE-2019-8027
  high
• CVE-2019-8060
  critical
• CVE-2019-8003
  critical
• CVE-2019-8013
  high
• CVE-2019-8024
  critical
• CVE-2019-8025
  critical
• CVE-2019-8026
  critical
• CVE-2019-8028
  critical
• CVE-2019-8029
  critical
• CVE-2019-8030
  critical
• CVE-2019-8031
  critical
• CVE-2019-8033
  high
• CVE-2019-8034
  high
• CVE-2019-8036
  critical
• CVE-2019-8038
  high
• CVE-2019-8039
  high
• CVE-2019-8047
  critical
• CVE-2019-8051
  warning
• CVE-2019-8053
  warning
• CVE-2019-8054
  warning
• CVE-2019-8055
  critical
• CVE-2019-8056
  warning
• CVE-2019-8057
  high
• CVE-2019-8058
  warning
• CVE-2019-8059
  warning
• CVE-2019-8061
  critical
• CVE-2019-8014
  high
• CVE-2019-8015
  critical
• CVE-2019-8041
  critical
• CVE-2019-8042
  critical
• CVE-2019-8046
  critical
• CVE-2019-8049
  critical
• CVE-2019-8050
  critical
• CVE-2019-8048
  critical
• CVE-2019-8044
  critical
• CVE-2019-8099
  warning
• CVE-2019-8101
  warning
• CVE-2019-8097
  warning
• CVE-2019-8019
  high
• CVE-2019-8006
  critical
• CVE-2019-8017
  critical
• CVE-2019-8045
  critical
• CVE-2019-8066
  high
• CVE-2019-8237
  critical
• CVE-2019-8249
  high
• CVE-2019-8250
  high
• CVE-2019-8251
  warning
• CVE-2019-8252
  warning
• CVE-2019-8257
  critical

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com