Lucene search

K
cve[email protected]CVE-2015-6722
HistoryOct 14, 2015 - 11:59 p.m.

CVE-2015-6722

2015-10-1423:59:43
web.nvd.nist.gov
40
cve-2015-6722
adobe reader
acrobat
javascript
api
security vulnerability
bypass
windows
os x

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.017

Percentile

87.9%

The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623.

Affected configurations

NVD
Node
adobeacrobatRange10.010.1.15
OR
adobeacrobatRange11.0.011.0.12
OR
adobeacrobat_dcRange15.006.3006015.006.30094classic
OR
adobeacrobat_dcRange15.008.2008215.009.20069continuous
OR
adobeacrobat_readerRange10.010.1.15
OR
adobeacrobat_readerRange11.0.011.0.12
OR
adobeacrobat_reader_dcRange15.006.3006015.006.30094classic
OR
adobeacrobat_reader_dcRange15.008.2008215.009.20069continuous
AND
applemacosMatch-
OR
microsoftwindowsMatch-

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.017

Percentile

87.9%