Description
Multiple serious vulnerabilities have been found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
- An unknown vulnerability can be exploited via specially designed print job to obtain sensitive information;
- Use-after-free vulnerability can be exploited to execute arbitrary code;
- An unknown vulnerability can be exploited via Format action to cause denial of service;
- Buffer overflow can be exploited to obtain sensitive information or execute arbitrary code;
- An unknown vulnerability can be exploited via data reading to obtain sensitive information;
- An unknown vulnerability related to JavaScript API can be exploited to bypass security restrictions.
Technical details
Vulnerability (1) can be triggered via launching print job on remote printer.
Vulnerability (3) can be triggered via using the Format action on unspecified fields.
Vulnerability (5) can be triggered via reading light object’s RGB data. This vulnerability leads to color objects information disclosure.
(6) related to ANSendForReview method.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Related products
- Adobe-Reader-X
- Adobe-Acrobat-X
- Adobe-Reader-XI
- Adobe-Acrobat-XI
- Adobe-Acrobat-Reader-DC-Continuous
- Adobe-Acrobat-Reader-DC-Classic
- Adobe-Acrobat-DC-Continuous
- Adobe-Acrobat-DC-Classic
CVE list
- CVE-2015-5583 warning
- CVE-2015-6697 high
- CVE-2015-6687 critical
- CVE-2015-5586 critical
- CVE-2015-6686 high
- CVE-2015-6712 high
- CVE-2015-6719 high
- CVE-2015-6685 high
- CVE-2015-6684 critical
- CVE-2015-7624 warning
- CVE-2015-6698 high
- CVE-2015-6705 warning
- CVE-2015-6704 warning
- CVE-2015-6707 high
- CVE-2015-6706 warning
- CVE-2015-6717 high
- CVE-2015-6708 high
- CVE-2015-6693 high
- CVE-2015-6714 high
- CVE-2015-6691 critical
- CVE-2015-6690 high
- CVE-2015-6689 high
- CVE-2015-6688 high
- CVE-2015-7623 high
- CVE-2015-7622 critical
- CVE-2015-6723 high
- CVE-2015-6722 high
- CVE-2015-6683 critical
- CVE-2015-6715 high
- CVE-2015-6721 high
- CVE-2015-6695 high
- CVE-2015-6720 high
- CVE-2015-7619 high
- CVE-2015-6716 high
- CVE-2015-6718 high
- CVE-2015-6710 high
- CVE-2015-6709 high
- CVE-2015-6725 high
- CVE-2015-7616 high
- CVE-2015-7617 high
- CVE-2015-7618 high
- CVE-2015-6699 warning
- CVE-2015-6724 high
- CVE-2015-6711 high
- CVE-2015-7614 high
- CVE-2015-7615 high
- CVE-2015-6696 high
- CVE-2015-6692 warning
- CVE-2015-7620 high
- CVE-2015-7621 high
- CVE-2015-6702 warning
- CVE-2015-6703 warning
- CVE-2015-6700 warning
- CVE-2015-6713 high
- CVE-2015-6694 high
- CVE-2015-6701 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com