ENGLISH Search Menu
Alerts & News Security Alerts Security News

SECURITY ALERTS

Adobe Acrobat and Reader Have Multiple Vulnerabilities That Allows an Attacker to Execute Arbitrary Code Remotely

DESCRIPTION:

Multiple vulnerabilities have been discovered in Adobe Acrobat and Adobe Reader. Upon successful exploitation, all critical vulnerabilities in Adobe Acrobat and Reader software lead to arbitrary code execution attacks, allowing attackers to take complete control of targeted systems.

 

Adobe fixed 14 critical arbitrary code execution flaws, including out-of-bounds write glitches (CVE-2019-16450, CVE-2019-16454), use after free flaws (CVE-2019-16445, CVE-2019-16448, CVE-2019-16452, CVE-2019-16459, CVE-2019-16464), untrusted pointer dereference vulnerability (CVE-2019-16446, CVE-2019-16455, CVE-2019-16460, CVE-2019-16463), a heap overflow (CVE-2019-16451), buffer error (CVE-2019-16462) and a security bypass (CVE-2019-16453).

 

AFFECTED RELEASES:

The Adobe Acrobat and Reader versions for Windows and macOS enlisted are affected by these vulnerabilities:

1. Continuous track versions

    •Acrobat DC Continuous track versions 2019.021.20056 and earlier versions

    •Acrobat Reader DC Continuous track versions 2019.021.20056 and earlier versions

2. Classic 2017 versions

    •Acrobat 2017 Classic 2017

      -Windowsversions 2017.011.30152 and earlier versions

      -macOSversions 2017.011.30155 and earlier versions

     •Acrobat Reader 2017 Classic 2017 versions 2017.011.30152 and earlier versions

3. Classic 2015 versions

    •Acrobat DC Classic 2015 versions 2015.006.30505 and earlier versions

    •Acrobat Reader DC Classic 2015 versions 2015.006.30505 and earlier versions

 

SOLUTION:

Please confirm the current version by choosing "Help" > "About." If it is the affected version, please update to the latest releases by clicking "Check for Updates." If an update from the menu is not available, please download the latest Adobe Acrobat and Reader from the following URL:

1. Continuous track version upgrade to 2019.021.20058 at least

     •Acrobat DC

     -Windows Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6813

     -macOS Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6819

     •Acrobat Reader DC

     -Windows Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6815

     -macOS Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6821

2.  Classic 2017 versions upgrade to 2017.011.30156 at least

    •Acrobat 2017

     -Windows Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6823

     -macOS Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6827

    •Acrobat Reader 2017

     -Windows Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6825

     -macOS Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6829

3. Classic 2015 versions upgrade to 2015.006.30508 at least

     •Acrobat 2015

     -Windows Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6831

     -macOS Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6835

    •Acrobat Reader 2015

      -Windows Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6833

     -macOS Userhttps://supportdownloads.adobe.com/detail.jsp?ftpID=6837

 

REFERENCE:

1. https://helpx.adobe.com/security/products/acrobat/apsb19-55.html

2. https://thehackernews.com/2019/12/adobe-software-update.html

 Back To Top