ESB-2019.0437 - [Win][OSX] Adobe Acrobat and Reader: Multiple vulnerabilities 2019-02-13


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.0437
    Security updates available for Adobe Acrobat and Reader | APSB19-07
                             13 February 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Adobe Acrobat and Reader
Publisher:         Adobe
Operating System:  Windows
                   OS X
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
                   Increased Privileges            -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-7089 CVE-2019-7087 CVE-2019-7086
                   CVE-2019-7085 CVE-2019-7084 CVE-2019-7083
                   CVE-2019-7082 CVE-2019-7081 CVE-2019-7080
                   CVE-2019-7079 CVE-2019-7078 CVE-2019-7077
                   CVE-2019-7076 CVE-2019-7075 CVE-2019-7074
                   CVE-2019-7073 CVE-2019-7072 CVE-2019-7071
                   CVE-2019-7070 CVE-2019-7069 CVE-2019-7068
                   CVE-2019-7067 CVE-2019-7066 CVE-2019-7065
                   CVE-2019-7064 CVE-2019-7063 CVE-2019-7062
                   CVE-2019-7060 CVE-2019-7059 CVE-2019-7058
                   CVE-2019-7057 CVE-2019-7056 CVE-2019-7055
                   CVE-2019-7054 CVE-2019-7053 CVE-2019-7052
                   CVE-2019-7051 CVE-2019-7050 CVE-2019-7049
                   CVE-2019-7048 CVE-2019-7047 CVE-2019-7046
                   CVE-2019-7045 CVE-2019-7044 CVE-2019-7043
                   CVE-2019-7042 CVE-2019-7041 CVE-2019-7040
                   CVE-2019-7039 CVE-2019-7038 CVE-2019-7037
                   CVE-2019-7036 CVE-2019-7035 CVE-2019-7034
                   CVE-2019-7033 CVE-2019-7032 CVE-2019-7031
                   CVE-2019-7030 CVE-2019-7029 CVE-2019-7028
                   CVE-2019-7027 CVE-2019-7026 CVE-2019-7025
                   CVE-2019-7024 CVE-2019-7023 CVE-2019-7022
                   CVE-2019-7021 CVE-2019-7020 CVE-2019-7019
                   CVE-2019-7018 CVE-2018-19725 

Original Bulletin: 
   https://helpx.adobe.com/security/products/acrobat/apsb19-07.html

- --------------------------BEGIN INCLUDED TEXT--------------------

Security updates available for Adobe Acrobat and Reader | APSB19-07
+-----------------------+-----------------------------------+-----------------+
|      Bulletin ID      |          Date Published           |    Priority     |
+-----------------------+-----------------------------------+-----------------+
|APSB19-07              |February 12, 2019                  |2                |
+-----------------------+-----------------------------------+-----------------+

Summary

Adobe has released security updates for Adobe Acrobat and Reader for Windows
and macOS. These updates address critical and important vulnerabilities.
Successful exploitation could lead to arbitrary code execution in the context
of the current user.

Affected Versions

+-----------------+-----------+-------------------------------+---------------+
|     Product     |   Track   |       Affected Versions       |   Platform    |
+-----------------+-----------+-------------------------------+---------------+
|Acrobat DC       |Continuous |2019.010.20069 and earlier     |Windows and    |
|                 |           |versions                       |macOS          |
+-----------------+-----------+-------------------------------+---------------+
|Acrobat Reader DC|Continuous |2019.010.20069 and earlier     |Windows and    |
|                 |           |versions                       |macOS          |
+-----------------+-----------+-------------------------------+---------------+
|Acrobat 2017     |Classic    |2017.011.30113 and earlier     |Windows and    |
|                 |2017       |version                        |macOS          |
+-----------------+-----------+-------------------------------+---------------+
|Acrobat Reader   |Classic    |2017.011.30113 and earlier     |Windows and    |
|2017             |2017       |version                        |macOS          |
+-----------------+-----------+-------------------------------+---------------+
+-----------------+-----------+-------------------------------+---------------+
|Acrobat DC       |Classic    |2015.006.30464 and earlier     |Windows and    |
|                 |2015       |versions                       |macOS          |
+-----------------+-----------+-------------------------------+---------------+
|Acrobat Reader DC|Classic    |2015.006.30464 and earlier     |Windows and    |
|                 |2015       |versions                       |macOS          |
+-----------------+-----------+-------------------------------+---------------+

Solution

Adobe recommends users update their software installations to the latest
versions by following the instructions below.
The latest product versions are available to end users via one of the following
methods:

  o Users can update their product installations manually by choosing Help >
    Check for Updates.
  o The products will update automatically, without requiring user
    intervention, when updates are detected.
  o The full Acrobat Reader installer can be downloaded from the Acrobat Reader
    Download Center.

For IT administrators (managed environments):

  o Download the enterprise installers from ftp://ftp.adobe.com/pub/adobe/, or
    refer to the specific release note version for links to installers.
  o Install updates via your preferred methodology, such as AIP-GPO,
    bootstrapper, SCUP/SCCM (Windows), or on macOS, Apple Remote Desktop and
    SSH.

Adobe categorizes these updates with the following priority ratings and
recommends users update their installation to the newest version:

+---------------+----------+--------------+-----------+----------+------------+
|    Product    |  Track   |   Updated    | Platform  | Priority |Availability|
|               |          |   Versions   |           |  Rating  |            |
+---------------+----------+--------------+-----------+----------+------------+
|               |          |              |Windows and|          |Windows     |
|Acrobat DC     |Continuous|2019.010.20091|macOS      |2         |            |
|               |          |              |           |          |macOS       |
+---------------+----------+--------------+-----------+----------+------------+
|Acrobat Reader |          |              |Windows and|          |Windows     |
|DC             |Continuous|2019.010.20091|macOS      |2         |            |
|               |          |              |           |          |macOS       |
+---------------+----------+--------------+-----------+----------+------------+
+---------------+----------+--------------+-----------+----------+------------+
|               |Classic   |              |Windows and|          |Windows     |
|Acrobat 2017   |2017      |2017.011.30120|macOS      |2         |            |
|               |          |              |           |          |macOS       |
+---------------+----------+--------------+-----------+----------+------------+
|Acrobat Reader |Classic   |              |Windows and|          |Windows     |
|DC 2017        |2017      |2017.011.30120|macOS      |2         |            |
|               |          |              |           |          |macOS       |
+---------------+----------+--------------+-----------+----------+------------+
+---------------+----------+--------------+-----------+----------+------------+
|               |Classic   |              |Windows and|          |Windows     |
|Acrobat DC     |2015      |2015.006.30475|macOS      |2         |            |
|               |          |              |           |          |macOS       |
+---------------+----------+--------------+-----------+----------+------------+
|Acrobat Reader |Classic   |              |Windows and|          |Windows     |
|DC             |2015      |2015.006.30475|macOS      |2         |            |
|               |          |              |           |          |macOS       |
+---------------+----------+--------------+-----------+----------+------------+

Vulnerability Details

+-------------------------+---------------------+---------+-------------------+
|  Vulnerability Category |Vulnerability Impact |Severity |    CVE Number     |
+-------------------------+---------------------+---------+-------------------+
|                         |Arbitrary Code       |         |CVE-2019-7020      |
|Buffer Errors            |Execution            |Critical |                   |
|                         |                     |         |CVE-2019-7085      |
+-------------------------+---------------------+---------+-------------------+
|Data leakage (sensitive) |Information          |Critical |CVE-2019-7089      |
|                         |Disclosure           |         |                   |
+-------------------------+---------------------+---------+-------------------+
|Double Free              |Arbitrary Code       |Critical |CVE-2019-7080      |
|                         |Execution            |         |                   |
+-------------------------+---------------------+---------+-------------------+
|Integer Overflow         |Information          |Critical |CVE-2019-7030      |
|                         |Disclosure           |         |                   |
+-------------------------+---------------------+---------+-------------------+
|                         |                     |         |CVE-2019-7021      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7022      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7023      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7024      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7028      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7032      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7033      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7034      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7035      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7036      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7038      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7045      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7047      |
|                         |                     |         |                   |
|                         |Information          |         |CVE-2019-7049      |
|Out-of-Bounds Read       |Disclosure           |Important|                   |
|                         |                     |         |CVE-2019-7053      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7055      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7056      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7057      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7058      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7059      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7063      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7064      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7065      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7067      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7071      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7073      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7074      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7081      |
+-------------------------+---------------------+---------+-------------------+
|                         |                     |         |CVE-2018-19725     |
|Security bypass          |Privilege Escalation |Critical |                   |
|                         |                     |         |CVE-2019-7041      |
+-------------------------+---------------------+---------+-------------------+
|                         |                     |         |CVE-2019-7019      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7027      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7037      |
|                         |Arbitrary Code       |         |                   |
|Out-of-Bounds Write      |Execution            |Critical |CVE-2019-7039      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7052      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7060      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7079      |
+-------------------------+---------------------+---------+-------------------+
|                         |                     |         |CVE-2019-7069      |
|                         |Arbitrary Code       |         |                   |
|Type Confusion           |Execution            |Critical |CVE-2019-7086      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7087      |
+-------------------------+---------------------+---------+-------------------+
|                         |                     |         |CVE-2019-7042      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7046      |
|                         |                     |         |                   |
|Untrusted Pointer        |Arbitrary Code       |         |CVE-2019-7051      |
|Dereference              |Execution            |Critical |                   |
|                         |                     |         |CVE-2019-7054      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7066      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7076      |
+-------------------------+---------------------+---------+-------------------+
|                         |                     |         |CVE-2019-7018      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7025      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7026      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7029      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7031      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7040      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7043      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7044      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7048      |
|                         |                     |         |                   |
|                         |Arbitrary Code       |         |CVE-2019-7050      |
|Use After Free           |Execution            |Critical |                   |
|                         |                     |         |CVE-2019-7062      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7068      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7070      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7072      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7075      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7077      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7078      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7082      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7083      |
|                         |                     |         |                   |
|                         |                     |         |CVE-2019-7084      |
+-------------------------+---------------------+---------+-------------------+

Acknowledgements

Adobe would like to thank the following individuals and organizations for
reporting the relevant issues and for working with Adobe to help protect our
customers:

  o Sebastian Apelt via Trend Micro's Zero Day Initiative (CVE-2019-7044,
    CVE-2019-7045, CVE-2019-7048)

  o Abdul-Aziz Hariri via Trend Micro Zero Day Initiative (CVE-2018-19725,
    CVE-2019-7041)

  o Linan Hao of Qihoo 360 Vulcan Team and Zhenjie Jia of Qihoo 360 Vulcan Team
    (CVE-2019-7018, CVE-2019-7019, CVE-2019-7020, CVE-2019-7021, CVE-2019-7022,
    CVE-2019-7023, CVE-2019-7024, CVE-2019-7029)

  o @j00sean working with iDefense Labs (CVE-2019-7040)

  o 360Security (CVE-2019-7030)

  o Aleksandar Nikolic of Cisco Talos (CVE-2019-7039)

  o Anonymous working with Trend Micro Zero Day Initiative (CVE-2019-7077)

  o Gal De Leon of Palo Alto Networks (CVE-2019-7025)

  o Juan Pablo Lopez Yacubian working with Trend Micro Zero Day Initiative
    (CVE-2019-7078)

  o kdot working with Trend Micro's Zero Day Initiative (CVE-2019-7049)

  o Ke Liu of Tencent Security Xuanwu Lab (CVE-2019-7033, CVE-2019-7034,
    CVE-2019-7035, CVE-2019-7036, CVE-2019-7037, CVE-2019-7038, CVE-2019-7047)

  o Mat Powell of Trend Micro Zero Day Initiative (CVE-2019-7071,
    CVE-2019-7072, CVE-2019-7073, CVE-2019-7074, CVE-2019-7075)

  o Yoav Alon & Netanel Ben-Simon from Check Point Research (CVE-2019-7080,
    CVE-2019-7081)

  o Steven Seeley via Trend Micro's Zero Day Initiative (CVE-2019-7069,
    CVE-2019-7070)

  o T3rmin4t0r working with Trend Micro's Zero Day Initiative (CVE-2019-7042,
    CVE-2019-7043)

  o Steven Seeley (mr_me) of Source Incite working with iDefense Labs
    (CVE-2019-7084, CVE-2019-7085, CVE-2019-7086, CVE-2019-7087)

  o Tencent Atuin Team (CVE-2019-7031, CVE-2019-7032)

  o Xu Peng and Su Purui of TCA/SKLCS Institute of Software Chinese Academy of
    Sciences (CVE-2019-7076)

  o Zhenjie Jia of Qihoo 360 Vulcan Team (CVE-2019-7062, CVE-2019-7063,
    CVE-2019-7064, CVE-2019-7067)

  o Zhiyuan Wang from Chengdu Security Response Center of Qihoo 360 Technology
    Co. Ltd. working with Trend Micro Zero Day Initiative (CVE-2019-7079)

  o Bo Qu of Palo Alto Networks and Heige of Knownsec 404 Security Team
    (CVE-2019-7065, CVE-2019-7066, CVE-2019-7068)

  o Zhibin Zhang of Palo Alto Networks (CVE-2019-7026, CVE-2019-7027,
    CVE-2019-7028, CVE-2019-7082)

  o Qi Deng of Palo Alto Networks (CVE-2019-7046, CVE-2019-7050, CVE-2019-7051,
    CVE-2019-7083)

  o Hui Gao of Palo Alto Networks (CVE-2019-7052, CVE-2019-7053, CVE-2019-7054)

  o Zhaoyan Xu of Palo Alto Networks (CVE-2019-7055, CVE-2019-7056,
    CVE-2019-7057)

  o Zhanglin He of Palo Alto Networks (CVE-2019-7058, CVE-2019-7059,
    CVE-2019-7060)

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----
