CVE-2019-7090

6.5MEDIUM

Key Information:

Vendor: Adobe
Status: Flash Player Desktop Runtime; Flash Player For Google Chrome; Flash Player For Microsoft Edge And Internet Explorer 11
Vendor: CVE Published:; 24 May 2019

Summary

Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Affected Version(s)

Flash Player Desktop Runtime 32.0.0.114 and earlier

Flash Player for Google Chrome 32.0.0.114 and earlier

Flash Player for Microsoft Edge and Internet Explorer 11 32.0.0.114 and earlier

References

https://helpx.adobe.com/security/products/flash-player/ap...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 24, 2019
Vulnerability Reserved
Jan 28, 2019