← back
CVE-2019-8196

CVE-2019-8196

EPSS 22.9%
Vexday Risk Score
28Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 22.9%KEV nãoPoC públicaNuclei Metasploit Patch
Lifecycle
17 Oct 2019Published on NVD
11 Nov 2019Public PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
Affected products
Adobe · Adobe Acrobat and Reader
public PoCs found2
cve_referencepacketstormsecurity.com/files/155225/Adobe-Acrobat-Reader-DC-For-Windows-Malformed-OTF-Font-Uninitialized-Pointer.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47610unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/155225/Adobe-Acrobat-Reader-DC-For-Windows-Malformed-OTF-Font-Uninitialized-Pointer.htmlhttps://helpx.adobe.com/security/products/acrobat/apsb19-49.html