CVE-2019-7072

Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Published: May 24, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-7072
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
adobe / acrobat_dc	15.006.30060	15.006.30475
adobe / acrobat_dc	15.008.20082	19.010.20091
adobe / acrobat_dc	17.011.30059	17.011.30120
adobe / acrobat_reader_dc	15.006.30060	15.006.30475
adobe / acrobat_reader_dc	15.008.20082	19.010.20091
adobe / acrobat_reader_dc	17.011.30059	17.011.30120

https://helpx.adobe.com/security/products/acrobat/apsb19-07.html
https://www.zerodayinitiative.com/advisories/ZDI-19-215/

Vulnerability Database

CVE-2019-7072