CVE-2019-8024

CRITICAL

Adobe Acrobat and Reader DC < 15.006.30499 and 15.008.20082-19.012.20036 - Use-After-Free

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-8024. PoCs published by Google Security Research.

AI-analyzed exploit summary This is a crash analysis writeup for CVE-2019-8024, detailing an access violation in Adobe Acrobat Reader DC when processing a malformed PDF. The analysis includes register states, stack traces, and heap information, but does not contain executable exploit code.

Description

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Exploits (1)

exploitdb WRITEUP VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/47271

This is a crash analysis writeup for CVE-2019-8024, detailing an access violation in Adobe Acrobat Reader DC when processing a malformed PDF. The analysis includes register states, stack traces, and heap information, but does not contain executable exploit code.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Theoretical
Target: Adobe Acrobat Reader DC (latest version at time of CVE)
No auth needed
Prerequisites: Malformed PDF file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/acrobat/apsb19-41.html

Scores

CVSS v3 9.8
EPSS 0.1512
EPSS Percentile 96.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (4)
adobe/acrobat_dc 15.006.30060 - 15.006.30499
adobe/acrobat_dc 15.008.20082 - 19.012.20036
adobe/acrobat_reader_dc 15.006.30060 - 15.006.30499
adobe/acrobat_reader_dc 15.008.20082 - 19.012.20036
Published Aug 20, 2019
Tracked Since Feb 18, 2026