CVE-2019-7961 : Adobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exp

Adobe Prelude CC versions 8.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to arbitrary code execution.

Published 2019-08-14 15:15:13

Updated 2021-07-21 11:39:24

Source Adobe Systems Incorporated

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2019-7961

Probability of exploitation activity in the next 30 days: 0.14%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 50 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2019-7961

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-7961

CWE-427 Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-7961

https://helpx.adobe.com/security/products/prelude/apsb19-35.html

Adobe Security Bulletin
Vendor Advisory

Products affected by CVE-2019-7961

Adobe » Prelude Cc
Versions up to, including, (<=) 8.1
cpe:2.3:a:adobe:prelude_cc:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2019-7961

Exploit prediction scoring system (EPSS) score for CVE-2019-7961

CVSS scores for CVE-2019-7961

CWE ids for CVE-2019-7961

References for CVE-2019-7961

Products affected by CVE-2019-7961