Skip to main content

Bridge Cc CVE-2019-7136

MEDIUM
Use After Free (CWE-416)
2019-05-23 psirt@adobe.com
6.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
May 23, 2019 - 16:29 nvd
MEDIUM 6.5

DescriptionNVD

Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. Successful exploitation could lead to information disclosure.

AnalysisAI

Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified as Use After Free (CWE-416), which allows attackers to access freed memory to execute arbitrary code or crash the application. Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. Successful exploitation could lead to information disclosure. Affected products include: Adobe Bridge Cc.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use smart pointers or garbage-collected languages. Set pointers to NULL after freeing. Enable memory sanitizers.

CVE-2016-0953 CRITICAL POC
9.8 Feb 10

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to exec

CVE-2016-0952 CRITICAL POC
9.8 Feb 10

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to exec

CVE-2016-0951 CRITICAL POC
9.8 Feb 10

Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to exec

CVE-2019-7130 CRITICAL
9.8 May 23

Adobe Bridge CC versions 9.0.2 have a heap overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerabilit

CVE-2019-7132 HIGH
8.8 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerabi

CVE-2019-8240 HIGH
7.5 Nov 14

Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vu

CVE-2019-8239 HIGH
7.5 Nov 14

Adobe Bridge CC versions 9.1 and earlier have a memory corruption vulnerability. Rated high severity (CVSS 7.5), this vu

CVE-2019-7963 MEDIUM
6.5 Jul 18

Adobe Bridge CC version 9.0.2 and earlier versions have an out of bound read vulnerability. Rated medium severity (CVSS

CVE-2019-7138 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab

CVE-2019-7137 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have a memory corruption vulnerability. Rated medium severity (CVSS 6.5), this vulnerabil

CVE-2019-7135 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab

CVE-2019-7134 MEDIUM
6.5 May 23

Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.5), this vulnerab

Share

CVE-2019-7136 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy