Published: 22/05/2019 Updated: 21/08/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Adobe Acrobat and Reader versions 2019.010.20100 and previous versions, 2019.010.20099 and previous versions, 2017.011.30140 and previous versions, 2017.011.30138 and previous versions, 2015.006.30495 and previous versions, and 2015.006.30493 and previous versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe acrobat_reader_dc
adobe acrobat_dc

JP2KLib.dll harness for WinAFL

jp2k_fuzz This repository contains a harness that can be used with WinAFL to fuzz Acrobat's JPEG2000 library It was used to find CVE-2019-7794 Details JP2KLibdll is a closed source DLL that is used by Adobe Acrobat to decode JPEG2000 images Since it's a binary with no source code, its exports have an unknown API Our goal is to invoke the exported functions proper

CWE-125 https://www.zerodayinitiative.com/advisories/ZDI-19-489/https://helpx.adobe.com/security/products/acrobat/apsb19-18.html http://www.securityfocus.com/bid/108326 https://nvd.nist.gov https://github.com/ronwai/jp2k_fuzz

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-7794

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect