Rewterz Threat Advisory – CVE-2019-7815 – Adobe Reader / Acrobat Information Disclosure Vulnerability

Rewterz Threat Advisory – CVE-2016-8618 – F5 Multiple BIG-IP Products libcurl Vulnerability

February 22, 2019

Rewterz Threat Advisory – Denial of Service flaw in Windows Servers running IIS

February 22, 2019

Rewterz Threat Advisory – CVE-2019-7815 – Adobe Reader / Acrobat Information Disclosure Vulnerability

Severity

Medium

Analysis Summary

The fix for CVE-2019-7089 first introduced in 2019.010.20091, 2017.011.30120 and 2015.006.30475 has been bypassed, leading to CVE-2019-7815. Successful exploitation could lead to sensitive information disclosure in the context of the current user.

Impact

Exposure of sensitive information.

Affected Products

Acrobat DC versions 2019.010.20091 and prior running on Windows and macOS
Acrobat Reader DC versions 2019.010.20091 and prior running on Windows and macOS
Acrobat 2017 versions 2017.011.30120 and prior running on Windows
Acrobat Reader DC 2017 versions 2017.011.30120 and prior running on Windows
Acrobat DC (Classic 2015) versions 2015.006.30475 and prior running on Windows
Acrobat Reader DC (Classic 2015) versions 2015.006.30475 and prior running on Windows

Remediation

Acrobat DC / Acrobat Reader DC 2019 running on Windows and macOS: Update to version 2019.010.20098.

Acrobat 2017 / Acrobat Reader DC 2017 running on Windows:

Update to version 2017.011.30127.

Acrobat DC / Acrobat Reader DC (Classic 2015) running on Windows:

Update to version 2015.006.30482.

Rewterz Threat Advisory – CVE-2016-8618 – F5 Multiple BIG-IP Products libcurl Vulnerability

Rewterz Threat Advisory – Denial of Service flaw in Windows Servers running IIS

Rewterz Threat Advisory – CVE-2019-7815 – Adobe Reader / Acrobat Information Disclosure Vulnerability

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan