CVE-2019-7803: Adobe Acrobat Pro DC JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
First published: Wed May 22 2019(Updated: )
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Dc | >=15.006.30060<=15.006.30495 | |
| Adobe Acrobat Dc | >=15.008.20082<=19.010.20100 | |
| Adobe Acrobat Dc | >=17.011.30056<=17.011.30140 | |
| Adobe Acrobat Reader DC | >=15.006.30060<=15.006.30493 | |
| Adobe Acrobat Reader DC | >=15.008.20082<=19.010.20099 | |
| Adobe Acrobat Reader DC | >=17.011.30059<=17.011.30138 | |
| Apple Mac OS X | ||
| Microsoft Windows | ||
| Adobe Acrobat Pro DC |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Adobe Acrobat Pro DC vulnerability?
The vulnerability ID for this Adobe Acrobat Pro DC vulnerability is CVE-2019-7803.
What is the severity level of CVE-2019-7803?
The severity level of CVE-2019-7803 is medium.
How can remote attackers exploit CVE-2019-7803?
Remote attackers can exploit CVE-2019-7803 by tricking the target into visiting a malicious page or opening a malicious file.
Which software versions are affected by CVE-2019-7803?
The affected software versions for CVE-2019-7803 are Adobe Acrobat Pro DC versions 15.006.30060 to 15.006.30495, 17.011.30056 to 17.011.30140, and 19.010.20100 or lower.
Where can I find more information about CVE-2019-7803?
You can find more information about CVE-2019-7803 on the following references: [SecurityFocus](http://www.securityfocus.com/bid/108326), [Adobe Security Bulletin](https://helpx.adobe.com/security/products/acrobat/apsb19-18.html), and [Zero Day Initiative](https://www.zerodayinitiative.com/advisories/ZDI-19-493/).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/title
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-19-493
- alias/ZDI-CAN-8019
- alias/CVE-2019-7803
- agent/software-canonical-lookup
- vendor/adobe
- canonical/adobe acrobat dc
- version/adobe acrobat dc/15.006.30060
- version/adobe acrobat dc/15.006.30495
- version/adobe acrobat dc/15.008.20082
- version/adobe acrobat dc/19.010.20100
- version/adobe acrobat dc/17.011.30056
- version/adobe acrobat dc/17.011.30140
- canonical/adobe acrobat reader dc
- version/adobe acrobat reader dc/15.006.30060
- version/adobe acrobat reader dc/15.006.30493
- version/adobe acrobat reader dc/15.008.20082
- version/adobe acrobat reader dc/19.010.20099
- version/adobe acrobat reader dc/17.011.30059
- version/adobe acrobat reader dc/17.011.30138
- vendor/apple
- canonical/apple mac os x
- vendor/microsoft
- canonical/microsoft windows
- canonical/adobe acrobat pro dc