Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAdobeCVE-2019-7960
HistoryNov 14, 2019 - 4:15 p.m.

CVE-2019-7960

2019-11-1416:15:15
CWE-427
adobe
web.nvd.nist.gov
42
adobe
animate
cc
versions
insecure
library
loading
vulnerability
dll hijacking
privilege escalation

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

44.0%

JSON

Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

Affected configurations

Nvd
Vulners
Node
adobeanimate_ccRange<20.0
AND
applemacosMatch-
OR
microsoftwindowsMatch-
VendorProductVersionCPE
adobeanimate_cc*cpe:2.3:a:adobe:animate_cc:*:*:*:*:*:*:*:*
applemacos-cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Adobe Animate CC",
    "vendor": "Adobe",
    "versions": [
      {
        "status": "affected",
        "version": "19.2.1 and earlier versions"
      }
    ]
  }
]

Related

nvd 1
symantec 1
cvelist 1
prion 1
adobe 1
openvas 1
threatpost 1
nvd
nvd
CVE-2019-7960
2019-11-14 16:15:15
symantec
symantec
Adobe Animate CVE-2019-7960 DLL Loading Local Privilege Escalation Vulnerability
2019-11-12 00:00:00
cvelist
cvelist
CVE-2019-7960
2019-11-14 15:05:47
prion
prion
Privilege escalation
2019-11-14 16:15:00
adobe
adobe
APSB19-34 Security update available for Adobe Animate CC
2019-11-12 00:00:00
openvas
openvas
Adobe Animate Privilege Escalation Vulnerability (APSB19-34) - Windows
2019-11-14 00:00:00
threatpost
threatpost
Adobe Patches Critical Bugs in Illustrator, Media Encoder
2019-11-12 18:10:18

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0.001

Percentile

44.0%

JSON
Related for CVE-2019-7960
nvd1symantec1cvelist1prion1adobe1openvas1threatpost1