Adobe released a second patch to address the CVE 2019-7089 flaw in Adobe Reader after an expert found the way to bypass the first fix.
Adobe on Thursday released a second patch to address a critical information disclosure vulnerability in Adobe reader, tracked as CVE 2019-7089, after the expert who initially discovered the flaw devised a method to bypass the first fix.
The vulnerability was discovered by Alex Inführ from Cure53, the expert discovered that the flaw could be exploited by using a specially crafted PDF document to send SMB requests to the attacker’s server when the file is opened.
The expert explained that the flaw is similar to the CVE-2018-4993 (aka “BadPDF“) that fixed by Adobe in November. The flaw allowed to trigger a callback to an attacker-controlled SMB server and leak the users NTMLv2 hash.
Inführ tested the PoC on Adobe Acrobat Reader DC 19.010.20069 running on Windows OS.
The February 2019 Patch Tuesday updates addressed the vulnerability, but Infuhr immediately discovered that it could be bypassed.
News of the day is that Adobe released a second patch for the flaw in Adobe Reader and assigned it a new CVE identifier, CVE-2019-7815.
“Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address a reported bypass to the fix for CVE-2019-7089 first introduced in 2019.010.20091, 2017.011.30120 and 2015.006.30475 and released on February 12, 2019.” reads the security advisory.
“Successful exploitation could lead to sensitive information disclosure in the context of the current user. ”
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.