10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9 High
AI Score
Confidence
High
0.031 Low
EPSS
Percentile
91.1%
Multiple serious vulnerabilities have been found in Adobe Acrobat and Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code or obtain sensitive information.
Below is a complete list of vulnerabilities
Technical details
Vulnerability (1) can be triggered via launching print job on remote printer.
Vulnerability (3) can be triggered via using the Format action on unspecified fields.
Vulnerability (5) can be triggered via reading light object’s RGB data. This vulnerability leads to color objects information disclosure.
(6) related to ANSendForReview method.
Public exploits exist for this vulnerability.
Adobe-Acrobat-Reader-DC-Continuous
Adobe-Acrobat-Reader-DC-Classic
CVE-2015-5583 warning
CVE-2015-6697 high
CVE-2015-6687 critical
CVE-2015-5586 critical
CVE-2015-6686 high
CVE-2015-6712 high
CVE-2015-6719 high
CVE-2015-6685 high
CVE-2015-6684 critical
CVE-2015-7624 critical
CVE-2015-6698 high
CVE-2015-6705 critical
CVE-2015-6704 warning
CVE-2015-6707 high
CVE-2015-6706 critical
CVE-2015-6717 high
CVE-2015-6708 high
CVE-2015-6693 high
CVE-2015-6714 high
CVE-2015-6691 critical
CVE-2015-6690 high
CVE-2015-6689 high
CVE-2015-6688 high
CVE-2015-7623 high
CVE-2015-7622 critical
CVE-2015-6723 high
CVE-2015-6722 high
CVE-2015-6683 critical
CVE-2015-6715 high
CVE-2015-6721 high
CVE-2015-6695 high
CVE-2015-6720 high
CVE-2015-7619 high
CVE-2015-6716 high
CVE-2015-6718 high
CVE-2015-6710 high
CVE-2015-6709 high
CVE-2015-6725 high
CVE-2015-7616 high
CVE-2015-7617 high
CVE-2015-7618 high
CVE-2015-6699 warning
CVE-2015-6724 high
CVE-2015-6711 high
CVE-2015-7614 high
CVE-2015-7615 high
CVE-2015-6696 high
CVE-2015-6692 critical
CVE-2015-7620 high
CVE-2015-7621 high
CVE-2015-6702 warning
CVE-2015-6703 warning
CVE-2015-6700 critical
CVE-2015-6713 critical
CVE-2015-6694 high
CVE-2015-6701 warning
Update to the latest version
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
helpx.adobe.com/security/products/acrobat/apsb15-24.html
statistics.securelist.com/
threats.kaspersky.com/en/product/Adobe-Acrobat-DC-Classic/
threats.kaspersky.com/en/product/Adobe-Acrobat-DC-Continuous/
threats.kaspersky.com/en/product/Adobe-Acrobat-Reader-DC-Classic/
threats.kaspersky.com/en/product/Adobe-Acrobat-Reader-DC-Continuous/
threats.kaspersky.com/en/product/Adobe-Acrobat-X/
threats.kaspersky.com/en/product/Adobe-Acrobat-XI/
threats.kaspersky.com/en/product/Adobe-Reader-X/
threats.kaspersky.com/en/product/Adobe-Reader-XI/