Lucene search
Francis Provencher {PRL}ZDI-19-345HistoryApr 15, 2019 - 12:00 a.m.
Adobe Bridge CC PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2019-04-1500:00:00
Francis Provencher {PRL}
www.zerodayinitiative.com
11
EPSS
0.033
Percentile
91.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Bridge CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cvelist
cvelist
CVE-2019-7130
2019-05-23 15:35:38
prion
prion
Heap overflow
2019-05-23 16:29:00
nvd
nvd
CVE-2019-7130
2019-05-23 16:29:08
cve
cve
CVE-2019-7130
2019-05-23 16:29:08
nessus
nessus
Adobe Bridge CC 9.0.2 Multiple Vulnerabilities (APSB19-04) (Mac OS X)
2019-04-11 00:00:00
Adobe Bridge CC 9.0.3 Multiple Vulnerabilities (APSB19-04) (Windows)
2019-04-16 00:00:00
openvas
openvas
Adobe Bridge CC Security Updates (APSB19-25) - Windows
2019-04-11 00:00:00
adobe
adobe
APSB19-25 Security update available for Adobe Bridge CC
2019-04-09 00:00:00
threatpost
threatpost
Adobe Fixes 24 Critical Flaws in Acrobat Reader, Flash, Shockwave Player
2019-04-09 18:08:08