CVE-2019-7140: Adobe Acrobat Pro DC PostScript JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
First published: Wed May 22 2019(Updated: )
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Pro DC | ||
| Adobe Acrobat Dc | >=15.006.30060<=15.006.30495 | |
| Adobe Acrobat Dc | >=15.008.20082<=19.010.20100 | |
| Adobe Acrobat Dc | >=17.011.30056<=17.011.30140 | |
| Adobe Acrobat Reader DC | >=15.006.30060<=15.006.30493 | |
| Adobe Acrobat Reader DC | >=15.008.20082<=19.010.20099 | |
| Adobe Acrobat Reader DC | >=17.011.30059<=17.011.30138 | |
| Apple Mac OS X | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2019-7140.
What is the title of the vulnerability?
The title of the vulnerability is Adobe Acrobat Pro DC PostScript JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability.
What is the severity of CVE-2019-7140?
The severity of CVE-2019-7140 is medium with a CVSS score of 6.5.
How can this vulnerability be exploited?
This vulnerability can be exploited by remote attackers who trick users into visiting a malicious page or opening a malicious file.
How can I fix CVE-2019-7140?
To fix CVE-2019-7140, it is recommended to update to the latest version of Adobe Acrobat Pro DC.
- collector/zdi-advisory
- alias/ZDI-19-479
- alias/ZDI-CAN-7775
- alias/CVE-2019-7140
- collector/nvd-index
- vendor/adobe
- product/acrobat pro dc
- canonical/adobe acrobat pro dc
- product/acrobat dc
- canonical/adobe acrobat dc
- product/acrobat reader dc
- canonical/adobe acrobat reader dc
- vendor/apple
- product/mac os x
- canonical/apple mac os x
- vendor/microsoft
- product/windows
- canonical/microsoft windows