CVE-2019-7107

Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
adobeindesign
𝑥
≤ 14.0.1
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/107821
https://helpx.adobe.com/security/products/indesign/apsb19-23.html
http://www.securityfocus.com/bid/107821
https://helpx.adobe.com/security/products/indesign/apsb19-23.html