Published: 05/03/2019 Updated: 10/10/2019

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Adobe Acrobat and Reader versions 2019.010.20069 and previous versions, 2017.011.30113 and previous versions version, and 2015.006.30464 and previous versions have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe acrobat_dc
adobe acrobat_reader_dc

Hope you're over that New Year's hangover – there's an Adobe PDF app patch to install

The Register • Shaun Nichols in San Francisco • 03 Jan 2019

Pair of critical flaws cleaned up in Acrobat, Reader Adobe Flash zero-day exploit... leveraging ActiveX… embedded in Office Doc... BINGO!

Adobe has issued its first patch of the year, emitting fixes for a pair of high-risk vulnerabilities in Acrobat and Reader. The APSB-02 security bundle is being recommended as a high-priority fix, so install it as soon as you can. The two CVE-listed bugs haven't been targeted in the wild yet so admins are advised to get the updates tested and installed within the next 30 days. By comparison, a critical, actively-exploited, flaw would have a 72-hour recommended install time. Still, Mac and Window...

CVE-2018-19725

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect