CVSS: 8.8EPSS: 8%CPEs: 8EXPL: 1CVE-2019-8014 – Adobe Acrobat Pro DC AcroForm Bitmap File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8014
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2019.012.20035 y anteriores, versiones 2019.012.20035 y anteriores, versiones 2017.011.30142 y anteriores, versiones 2017.011.30143 y anteriores, versiones 2015.006.30497 y anteriores, y versiones 2015.006.30498 y anteriores tienen una vulnerabilidad de desbordamiento de pila. Su explotación con éxito podría permitir la ejecución arbitraria de código This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of run length encoding in BMP images. • https://github.com/f01965/CVE-2019-8014 https://helpx.adobe.com/security/products/acrobat/apsb19-41.html • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-8051 – Adobe Acrobat Pro DC AcroForm userName Property Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8051
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2019.012.20035 y anteriores, versiones 2019.012.20035 y anteriores, versiones 2017.011.30142 y anteriores, versiones 2017.011.30143 y anteriores, versiones 2015.006.30497 y anteriores, y versiones 2015.006.30498 y anteriores presenta una vulnerabilidad de uso de la memoria previamente liberada. Su explotación con éxito podría permitir la ejecución arbitraria de código This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the userName property of Field objects in the AcroForm plugin. • https://helpx.adobe.com/security/products/acrobat/apsb19-41.html • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-8058 – Adobe Acrobat Pro DC AcroForm fillColor Property Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8058
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2019.012.20035 y anteriores, versiones 2019.012.20035 y anteriores, versiones 2017.011.30142 y anteriores, versiones 2017.011.30143 y anteriores, versiones 2015.006.30497 y anteriores, y versiones 2015.006.30498 y anteriores presenta una vulnerabilidad de uso de la memoria previamente liberada. Su explotación con éxito podría permitir la ejecución arbitraria de código This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the fillColor property of Field objects in the AcroForm plugin. • https://helpx.adobe.com/security/products/acrobat/apsb19-41.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-8057 – Adobe Acrobat Pro DC AcroForm textSize Property Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-8057
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . Adobe Acrobat and Reader versiones 2019.012.20035 y anteriores, versiones 2019.012.20035 y anteriores, versiones 2017.011.30142 y anteriores, versiones 2017.011.30143 y anteriores, versiones 2015.006.30497 y anteriores, y versiones 2015.006.30498 y anteriores presenta una vulnerabilidad de uso de la memoria previamente liberada. Su explotación con éxito podría permitir la ejecución arbitraria de código This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the textSize property of Field objects in the AcroForm plugin. • https://helpx.adobe.com/security/products/acrobat/apsb19-41.html • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2019-8052 – Adobe Acrobat Pro DC JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-8052
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . Adobe Acrobat and Reader versiones 2019.012.20035 y anteriores, versiones 2019.012.20035 y anteriores, versiones 2017.011.30142 y anteriores, versiones 2017.011.30143 y anteriores, versiones 2015.006.30497 y anteriores, y versiones 2015.006.30498 y anteriores tienen una vulnerabilidad de lectura fuera de los límites. Su explotación con éxito podría resultar en una divulgación de información This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG files. • https://helpx.adobe.com/security/products/acrobat/apsb19-41.html • CWE-125: Out-of-bounds Read •