Vulnerability Description
Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Indesign | <= 14.0.1 |
| Apple | Mac Os X | - |
| Microsoft | Windows | - |
References
- http://www.securityfocus.com/bid/107821Broken LinkThird Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/indesign/apsb19-23.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/107821Broken LinkThird Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/indesign/apsb19-23.htmlPatchVendor Advisory
FAQ
What is CVE-2019-7107?
CVE-2019-7107 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2.
How severe is CVE-2019-7107?
CVE-2019-7107 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-7107?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Indesign, Apple Mac Os X, Microsoft Windows.