Vulnerability Description
Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player Desktop Runtime | <= 32.0.0.114 |
| Apple | Macos | - |
| Chrome Os | - | |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Adobe | Flash Player | <= 32.0.0.114 |
| Microsoft | Windows 10 | All versions |
| Microsoft | Windows 8.1 | All versions |
Related Weaknesses (CWE)
References
- https://helpx.adobe.com/security/products/flash-player/apsb19-06.htmlVendor Advisory
- https://helpx.adobe.com/security/products/flash-player/apsb19-06.htmlVendor Advisory
FAQ
What is CVE-2019-7090?
CVE-2019-7090 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0...
How severe is CVE-2019-7090?
CVE-2019-7090 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-7090?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player Desktop Runtime, Apple Macos, Google Chrome Os, Linux Linux Kernel, Microsoft Windows.