CVE-2019-7107

Published: May 23, 2019Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability. Successful exploitation could lead to arbitrary code execution. Fixed in versions 13.1.1 and 14.0.2.

Affected (1)

Products: Adobe: Indesign

Adobe

1 product

Indesign

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Adobe Indesign	Up to 14.0.1

Running on/with	Platform Versions
Apple Mac Os X	All versions
Microsoft Windows	All versions

References (4)

http://www.securityfocus.com/bid/107821

Source: psirt@adobe.com

Broken LinkThird Party AdvisoryVDB Entry

https://helpx.adobe.com/security/products/indesign/apsb19-23.html

Source: psirt@adobe.com

PatchVendor Advisory

http://www.securityfocus.com/bid/107821

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB Entry

https://helpx.adobe.com/security/products/indesign/apsb19-23.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.