Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAdobeCVE-2019-8160
HistoryOct 17, 2019 - 9:15 p.m.

CVE-2019-8160

2019-10-1721:15:10
CWE-79
adobe
web.nvd.nist.gov
51
adobe
acrobat
reader
cross-site scripting
vulnerability
information disclosure

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

41.1%

JSON

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a cross-site scripting vulnerability. Successful exploitation could lead to information disclosure.

Affected configurations

Nvd
Vulners
Node
adobeacrobat_dcRange15.006.3006015.006.30504classic
OR
adobeacrobat_dcRange15.008.2008219.021.20047continuous
OR
adobeacrobat_dcRange17.011.3005917.011.30150classic
OR
adobeacrobat_reader_dcRange15.006.3006015.006.30504classic
OR
adobeacrobat_reader_dcRange15.008.2008219.021.20047continuous
OR
adobeacrobat_reader_dcRange17.011.3005917.011.30150classic
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-
VendorProductVersionCPE
adobeacrobat_dc*cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
adobeacrobat_dc*cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
adobeacrobat_reader_dc*cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
adobeacrobat_reader_dc*cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
applemac_os_x-cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Adobe Acrobat and Reader",
    "vendor": "Adobe",
    "versions": [
      {
        "status": "affected",
        "version": "2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier versions"
      }
    ]
  }
]

Related

nvd 1
symantec 1
cvelist 1
prion 1
checkpoint_advisories 1
openvas 12
nessus 4
adobe 1
kaspersky 1
nvd
nvd
CVE-2019-8160
2019-10-17 21:15:10
symantec
symantec
Adobe Acrobat and Reader CVE-2019-8160 Cross Site Scripting Vulnerability
2019-10-15 00:00:00
cvelist
cvelist
CVE-2019-8160
2019-10-17 20:11:09
prion
prion
Cross site scripting
2019-10-17 21:15:00
checkpoint_advisories
checkpoint_advisories
Foxit Reader and PhantonPDF XFA gotoURL Command Injection (CVE-2017-10953; CVE-2019-8160)
2017-09-24 00:00:00
openvas
openvas
Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB19-49) - Windows
2019-10-16 00:00:00
Adobe Acrobat Reader DC (Continuous Track) Security Updates (APSB19-49) - Mac OS X
2019-10-16 00:00:00
Adobe Acrobat Reader DC (Classic Track) Security Updates (APSB19-49) - Windows
2019-10-16 00:00:00
nessus
nessus
Adobe Reader < 2015.006.30504 / 2017.011.30150 / 2019.021.20047 Multiple Vulnerabilities (APSB19-49) (macOS)
2019-10-16 00:00:00
Adobe Acrobat < 2015.006.30504 / 2017.011.30150 / 2019.021.20047 Multiple Vulnerabilities (APSB19-49)
2019-10-16 00:00:00
Adobe Reader < 2015.006.30504 / 2017.011.30150 / 2019.021.20047 Multiple Vulnerabilities (APSB19-49)
2019-10-16 00:00:00
adobe
adobe
APSB19-49 Security update available for Adobe Acrobat and Reader
2019-10-15 00:00:00
kaspersky
kaspersky
KLA11583 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader
2019-09-15 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

41.1%

JSON
Related for CVE-2019-8160
nvd1symantec1cvelist1prion1checkpoint_advisories1openvas12nessus4adobe1kaspersky1