8.4 High
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.873 High
EPSS
Percentile
98.6%
Multiple serious vulnerabilities have been found in Adobe Reader & Adobe Acrobat versions X and XI. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass a sandbox protection, cause a denial of service or obtain sensitive information.
Below is a complete list of vulnerabilities
Vectors related to unknown can be exploited to bypass a sandbox protection mechanism, execute arbitrary code or cause a denial of service via heap-based buffer overflow, use-after-free and double free.
Vectors related to JavaScript API can be exploited to obtain sensitive information via a specially designed PDF
Vectors related to unknown API calls can be exploited to execute arbitrary code via unmapped memory access.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2014-0511 critical
CVE-2014-0521 warning
CVE-2014-0526 critical
CVE-2014-0525 critical
CVE-2014-0529 critical
CVE-2014-0527 critical
CVE-2014-0528 critical
CVE-2014-0522 critical
CVE-2014-0512 critical
CVE-2014-0524 critical
CVE-2014-0523 critical
Update to latest version
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
helpx.adobe.com/security/products/acrobat/apsb14-15.html
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Adobe-Acrobat-X/
threats.kaspersky.com/en/product/Adobe-Acrobat-XI/
threats.kaspersky.com/en/product/Adobe-Acrobat/
threats.kaspersky.com/en/product/Adobe-Reader/