CVE-2019-7113 - Vulnerability Details

Vendors	Products
Adobe	Acrobat Dc Acrobat Reader Dc
Apple	Mac Os X
Microsoft	Windows

Link	Providers
https://helpx.adobe.com/security/products/acrobat/apsb19-17.html

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Adobe Acrobat and Reader", "vendor": "Adobe", "versions": [{"status": "affected", "version": "2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier versions"}]}], "descriptions": [{"lang": "en", "value": "Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution ."}], "problemTypes": [{"descriptions": [{"description": "Heap Overflow", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-05-23T16:52:34", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-7113", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Adobe Acrobat and Reader", "version": {"version_data": [{"version_value": "2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier versions"}]}}]}, "vendor_name": "Adobe"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution ."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Heap Overflow"}]}]}, "references": {"reference_data": [{"name": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:38:33.183Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-7113", "datePublished": "2019-05-23T16:52:34", "dateReserved": "2019-01-28T00:00:00", "dateUpdated": "2024-08-04T20:38:33.183Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Adobe Acrobat and Reader (string)

vendor : Adobe (string)

versions : [ »

0 : { »

status : affected (string)

version : 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier versions (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Heap Overflow (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2019-05-23T16:52:34 (string)

orgId : 078d4453-3bcd-4900-85e6-15281da43538 (string)

shortName : adobe (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://helpx.adobe.com/security/products/acrobat/apsb19-17.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@adobe.com (string)

ID : CVE-2019-7113 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Adobe Acrobat and Reader (string)

version : { »

version_data : [ »

0 : { »

version_value : 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier versions (string)

}

]

}

]

}

vendor_name : Adobe (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Heap Overflow (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://helpx.adobe.com/security/products/acrobat/apsb19-17.html (string)

refsource : CONFIRM (string)

url : https://helpx.adobe.com/security/products/acrobat/apsb19-17.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T20:38:33.183Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://helpx.adobe.com/security/products/acrobat/apsb19-17.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 078d4453-3bcd-4900-85e6-15281da43538 (string)

assignerShortName : adobe (string)

cveId : CVE-2019-7113 (string)

datePublished : 2019-05-23T16:52:34 (string)

dateReserved : 2019-01-28T00:00:00 (string)

dateUpdated : 2024-08-04T20:38:33.183Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*", "matchCriteriaId": "F31046B0-6B20-4B6F-B3A0-5FA4A6701E51", "versionEndIncluding": "15.006.30482", "versionStartIncluding": "15.006.30060", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", "matchCriteriaId": "868AFFC7-71EF-4D9A-B409-5CC113EDD0DE", "versionEndIncluding": "19.010.20098", "versionStartIncluding": "15.008.20082", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*", "matchCriteriaId": "58B8A3B8-4FB4-4832-AE8D-1136DE47EB33", "versionEndIncluding": "17.011.30127", "versionStartIncluding": "17.011.30056", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*", "matchCriteriaId": "240D1C4A-A3FC-4DB3-A774-A22DEF3B9C4D", "versionEndIncluding": "15.006.30482", "versionStartIncluding": "15.006.30060", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", "matchCriteriaId": "BEAFBB5F-C935-43BE-AF7A-9121592FF399", "versionEndIncluding": "19.010.20098", "versionStartIncluding": "15.008.20082", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*", "matchCriteriaId": "E1B9B5CB-BB2C-45F3-A113-5E064AC6706C", "versionEndIncluding": "17.011.30127", "versionStartIncluding": "17.011.30059", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution ."}, {"lang": "es", "value": "Adobe Acrobat and Reader versiones 2019.010.20098 y anteriores, versiones 2019.010.20098 y anteriores, versiones 2017.011.30127 y anteriores, y versiones 2015.006.30482 y anteriores, tienen una vulnerabilidad de desbordamiento de pila. Su explotaci\u00f3n exitosa conllevar\u00eda a la ejecuci\u00f3n de c\u00f3digo arbitrario."}], "id": "CVE-2019-7113", "lastModified": "2024-11-21T04:47:35.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-05-23T17:29:00.657", "references": [{"source": "psirt@adobe.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:* (string)

matchCriteriaId : F31046B0-6B20-4B6F-B3A0-5FA4A6701E51 (string)

versionEndIncluding : 15.006.30482 (string)

versionStartIncluding : 15.006.30060 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:* (string)

matchCriteriaId : 868AFFC7-71EF-4D9A-B409-5CC113EDD0DE (string)

versionEndIncluding : 19.010.20098 (string)

versionStartIncluding : 15.008.20082 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:* (string)

matchCriteriaId : 58B8A3B8-4FB4-4832-AE8D-1136DE47EB33 (string)

versionEndIncluding : 17.011.30127 (string)

versionStartIncluding : 17.011.30056 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:* (string)

matchCriteriaId : 240D1C4A-A3FC-4DB3-A774-A22DEF3B9C4D (string)

versionEndIncluding : 15.006.30482 (string)

versionStartIncluding : 15.006.30060 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:* (string)

matchCriteriaId : BEAFBB5F-C935-43BE-AF7A-9121592FF399 (string)

versionEndIncluding : 19.010.20098 (string)

versionStartIncluding : 15.008.20082 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:* (string)

matchCriteriaId : E1B9B5CB-BB2C-45F3-A113-5E064AC6706C (string)

versionEndIncluding : 17.011.30127 (string)

versionStartIncluding : 17.011.30059 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4781BF1E-8A4E-4AFF-9540-23D523EE30DD (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A2572D17-1DE6-457B-99CC-64AFD54487EA (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . (string)

}

1 : { »

lang : es (string)

value : Adobe Acrobat and Reader versiones 2019.010.20098 y anteriores, versiones 2019.010.20098 y anteriores, versiones 2017.011.30127 y anteriores, y versiones 2015.006.30482 y anteriores, tienen una vulnerabilidad de desbordamiento de pila. Su explotación exitosa conllevaría a la ejecución de código arbitrario. (string)

}

]

id : CVE-2019-7113 (string)

lastModified : 2024-11-21T04:47:35.770 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 10 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 9.8 (number)

baseSeverity : CRITICAL (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2019-05-23T17:29:00.657 (string)

references : [ »

0 : { »

source : psirt@adobe.com (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://helpx.adobe.com/security/products/acrobat/apsb19-17.html (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Vendor Advisory (string)

]

url : https://helpx.adobe.com/security/products/acrobat/apsb19-17.html (string)

}

]

sourceIdentifier : psirt@adobe.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-787 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object