Adobe Security Bulletin
Security Updates Available for Adobe Bridge CC | APSB19-25
Bulletin ID Date Published Priority
APSB19-25 April 09, 2019 2


Adobe has released security updates for Adobe Bridge CC. These updates address critical findings that could result in remote code execution in the context of the current user.

Affected Versions

Product Version Platform
Adobe Bridge CC 9.0.2 Windows and macOS


Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the latest version:

Product Version Platform Priority Availability
Adobe Bridge CC 9.0.3 Windows and macOS 2 Download Page

Vulnerability details

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Heap Overflow Remote Code Execution Critical CVE-2019-7130
Out-of-Bounds Write Remote Code Execution Critical CVE-2019-7132
Out-of-Bounds Read Information Disclosure Important





Use After Free Information Disclosure Important CVE-2019-7136
Memory Corruption Information Disclosure Important CVE-2019-7137 


Adobe would like to thank the following individuals and organizations for reporting the relevant issues and for working with Adobe to help protect our customers:

  • Francis Provencher working with Trend Micro Zero Day Initiative (CVE-2019-7130, CVE-2019-7134, CVE-2019-7135, CVE-2019-7136, CVE-2019-7137, CVE-2019-7138)

  • Mat Powell of Trend Micro Zero Day Initiative (CVE-2019-7132, CVE-2019-7133)