Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11676
HistoryOct 15, 2019 - 12:00 a.m.

KLA11676 Multiple vulnerabilities in Adobe Acrobat

2019-10-1500:00:00
Kaspersky Lab
threats.kaspersky.com
419

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.073

Percentile

94.1%

JSON

Multiple vulnerabilities were found in Adobe Acrobat. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Buffer errors vulnerability can be exploited to execute arbitrary code.
  2. Use After Free vulnerability can be exploited to execute arbitrary code.

Original advisories

APSB19-49

Related products

Adobe-Acrobat

Adobe-Acrobat-Reader-DC-Continuous

Adobe-Acrobat-Reader-DC-Classic

Adobe-Acrobat-DC-Continuous

Adobe-Acrobat-DC-Classic

Adobe-Acrobat-Reader-2017

Adobe-Acrobat-2017

Adobe-Acrobat-Reader

CVE list

CVE-2019-16470 unknown

CVE-2019-16471 unknown

Solution

Update to the latest version

Download Adobe Acrobat Reader DC

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

  • Acrobat DC Continuous earlier than 2019.021.20047Acrobat Reader DCΒ Continuous earlier than 2019.021.20047Acrobat 2017 Classic 2017 earlier than 2017.011.30150Acrobat Reader 2017 Classic 2017 earlier than 2017.011.30150Acrobat 2015 Classic 2015 earlier than 2015.006.30504Acrobat Reader 2015 Classic 2015 earlier than 2015.006.30504

Related

nvd 2
cvelist 2
prion 2
cnvd 1
cve 2
openvas 12
nessus 4
adobe 1
nvd
nvd
CVE-2019-16470
2023-09-11 14:15:07
CVE-2019-16471
2023-09-11 14:15:07
cvelist
cvelist
CVE-2019-16470 CoolType.dll crash - Tianfu Cup
2023-09-11 13:50:57
CVE-2019-16471 Use-After-Free in app.measureDialog - Tianfu Cup
2023-09-11 13:50:59
prion
prion
Stack overflow
2023-09-11 14:15:00
Design/Logic Flaw
2023-09-11 14:15:00
cnvd
cnvd
Command Execution Vulnerability in 4A Unified Security Control Platform of Beijing Qixingchen Information Security Technology Co.
2023-09-15 00:00:00
cve
cve
CVE-2019-16471
2023-09-11 14:15:07
CVE-2019-16470
2023-09-11 14:15:07
openvas
openvas
Adobe Acrobat DC 2015 Security Updates (APSB19-55) - Mac OS X
2019-12-12 00:00:00
Adobe Acrobat DC (Continuous) Security Updates (APSB19-55) - Mac OS X
2019-12-12 00:00:00
Adobe Reader DC (Continuous) Security Updates (APSB19-55) - Mac OS X
2019-12-12 00:00:00
nessus
nessus
Adobe Acrobat < 2015.006.30508 / 2017.011.30156 / 2019.021.20058 Multiple Vulnerabilities (APSB19-55)
2019-12-13 00:00:00
Adobe Reader < 2015.006.30508 / 2017.011.30156 / 2019.021.20058 Multiple Vulnerabilities (APSB19-55)
2019-12-13 00:00:00
Adobe Acrobat < 2015.006.30508 / 2017.011.30156 / 2019.021.20058 Multiple Vulnerabilities (APSB19-55) (macOS)
2019-12-13 00:00:00
adobe
adobe
APSB19-55 - Security update available for Adobe Acrobat and Reader
2019-12-10 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

Low

EPSS

0.073

Percentile

94.1%

JSON
Related for KLA11676
nvd2cvelist2prion2cnvd1cve2openvas12nessus4adobe1