cvelistv5 - cve-2015-7618

CVE-2015-7618 (GCVE-0-2015-7618)

Vulnerability from cvelistv5 – Published: 2015-10-14 23:00 – Updated: 2024-08-06 07:51

Summary

Severity ?

No CVSS data available.

CWE

Assigner

adobe

References

URL

Tags

	https://helpx.adobe.com/security/products/acrobat…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1033796	vdb-entryx_refsource_SECTRACK
	http://www.zerodayinitiative.com/advisories/ZDI-15-498	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:51:28.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
          },
          {
            "name": "1033796",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033796"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-06T18:57:01",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
        },
        {
          "name": "1033796",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033796"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2015-7618",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
              "refsource": "CONFIRM",
              "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
            },
            {
              "name": "1033796",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033796"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-498",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2015-7618",
    "datePublished": "2015-10-14T23:00:00",
    "dateReserved": "2015-10-01T00:00:00",
    "dateUpdated": "2024-08-06T07:51:28.632Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0\", \"versionEndIncluding\": \"10.1.15\", \"matchCriteriaId\": \"51326A26-C718-4D3A-B43B-00D32D0AF530\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndIncluding\": \"11.0.12\", \"matchCriteriaId\": \"B79BB301-C637-441A-AB91-DF59FE90C4F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*\", \"versionStartIncluding\": \"15.006.30060\", \"versionEndExcluding\": \"15.006.30094\", \"matchCriteriaId\": \"8A0D144B-74E2-44FF-9910-47092166D809\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*\", \"versionStartIncluding\": \"15.008.20082\", \"versionEndExcluding\": \"15.009.20069\", \"matchCriteriaId\": \"40FAFBDF-582F-47A3-846E-C9404B035DFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0\", \"versionEndIncluding\": \"10.1.15\", \"matchCriteriaId\": \"A7815802-4A3C-486D-9DEA-9B016E6BC7F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndIncluding\": \"11.0.12\", \"matchCriteriaId\": \"E461CC16-7FDB-4A0A-96BF-315485266832\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*\", \"versionStartIncluding\": \"15.006.30060\", \"versionEndExcluding\": \"15.006.30094\", \"matchCriteriaId\": \"782E2B5E-1BDF-42ED-9B41-C58EFB0E6231\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*\", \"versionStartIncluding\": \"15.008.20082\", \"versionEndExcluding\": \"15.009.20069\", \"matchCriteriaId\": \"AFDEB9E8-1AF3-4510-A2CB-AA2ED9AA1D30\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"387021A0-AF36-463C-A605-32EA7DAC172E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623.\"}, {\"lang\": \"es\", \"value\": \"El m\\u00e9todo CBAutoConfigCommentRepository en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecuci\\u00f3n de la API JavaScript a trav\\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623.\"}]",
      "id": "CVE-2015-7618",
      "lastModified": "2024-11-21T02:37:04.343",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2015-10-14T23:59:51.980",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1033796\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-15-498\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://helpx.adobe.com/security/products/acrobat/apsb15-24.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1033796\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-15-498\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://helpx.adobe.com/security/products/acrobat/apsb15-24.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@adobe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-7618\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2015-10-14T23:59:51.980\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623.\"},{\"lang\":\"es\",\"value\":\"El m\u00e9todo CBAutoConfigCommentRepository en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0\",\"versionEndIncluding\":\"10.1.15\",\"matchCriteriaId\":\"51326A26-C718-4D3A-B43B-00D32D0AF530\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.0.12\",\"matchCriteriaId\":\"B79BB301-C637-441A-AB91-DF59FE90C4F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*\",\"versionStartIncluding\":\"15.006.30060\",\"versionEndExcluding\":\"15.006.30094\",\"matchCriteriaId\":\"8A0D144B-74E2-44FF-9910-47092166D809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*\",\"versionStartIncluding\":\"15.008.20082\",\"versionEndExcluding\":\"15.009.20069\",\"matchCriteriaId\":\"40FAFBDF-582F-47A3-846E-C9404B035DFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0\",\"versionEndIncluding\":\"10.1.15\",\"matchCriteriaId\":\"A7815802-4A3C-486D-9DEA-9B016E6BC7F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.0.12\",\"matchCriteriaId\":\"E461CC16-7FDB-4A0A-96BF-315485266832\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*\",\"versionStartIncluding\":\"15.006.30060\",\"versionEndExcluding\":\"15.006.30094\",\"matchCriteriaId\":\"782E2B5E-1BDF-42ED-9B41-C58EFB0E6231\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*\",\"versionStartIncluding\":\"15.008.20082\",\"versionEndExcluding\":\"15.009.20069\",\"matchCriteriaId\":\"AFDEB9E8-1AF3-4510-A2CB-AA2ED9AA1D30\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1033796\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-15-498\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://helpx.adobe.com/security/products/acrobat/apsb15-24.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1033796\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-15-498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://helpx.adobe.com/security/products/acrobat/apsb15-24.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2015-7618

Vulnerability from fkie_nvd - Published: 2015-10-14 23:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@adobe.com	http://www.securitytracker.com/id/1033796	Third Party Advisory, VDB Entry
psirt@adobe.com	http://www.zerodayinitiative.com/advisories/ZDI-15-498	Third Party Advisory, VDB Entry
psirt@adobe.com	https://helpx.adobe.com/security/products/acrobat/apsb15-24.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1033796	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-15-498	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://helpx.adobe.com/security/products/acrobat/apsb15-24.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
adobe	acrobat	*
adobe	acrobat	*
adobe	acrobat_dc	*
adobe	acrobat_dc	*
adobe	acrobat_reader	*
adobe	acrobat_reader	*
adobe	acrobat_reader_dc	*
adobe	acrobat_reader_dc	*
apple	macos	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51326A26-C718-4D3A-B43B-00D32D0AF530",
              "versionEndIncluding": "10.1.15",
              "versionStartIncluding": "10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B79BB301-C637-441A-AB91-DF59FE90C4F7",
              "versionEndIncluding": "11.0.12",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
              "matchCriteriaId": "8A0D144B-74E2-44FF-9910-47092166D809",
              "versionEndExcluding": "15.006.30094",
              "versionStartIncluding": "15.006.30060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
              "matchCriteriaId": "40FAFBDF-582F-47A3-846E-C9404B035DFD",
              "versionEndExcluding": "15.009.20069",
              "versionStartIncluding": "15.008.20082",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7815802-4A3C-486D-9DEA-9B016E6BC7F5",
              "versionEndIncluding": "10.1.15",
              "versionStartIncluding": "10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E461CC16-7FDB-4A0A-96BF-315485266832",
              "versionEndIncluding": "11.0.12",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
              "matchCriteriaId": "782E2B5E-1BDF-42ED-9B41-C58EFB0E6231",
              "versionEndExcluding": "15.006.30094",
              "versionStartIncluding": "15.006.30060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
              "matchCriteriaId": "AFDEB9E8-1AF3-4510-A2CB-AA2ED9AA1D30",
              "versionEndExcluding": "15.009.20069",
              "versionStartIncluding": "15.008.20082",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
    },
    {
      "lang": "es",
      "value": "El m\u00e9todo CBAutoConfigCommentRepository en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623."
    }
  ],
  "id": "CVE-2015-7618",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-10-14T23:59:51.980",
  "references": [
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033796"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2015-AVI-427

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Adobe Acrobat Reader. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	Acrobat Reader	Acrobat DC (Classic) jusqu'à la version 2015.006.30060
Adobe	Acrobat Reader	Acrobat Reader DC (Classic) jusqu'à la version 2015.006.30060
Adobe	Acrobat Reader	Acrobat X jusqu'à la version 10.1.15
Adobe	Acrobat Reader	Acrobat DC (Continuous) jusqu'à la version 2015.008.20082
Adobe	Acrobat Reader	Acrobat XI jusqu'à la version 11.0.12
Adobe	Acrobat Reader	Reader XI jusqu'à la version 11.0.12
Adobe	Acrobat Reader	Reader X jusqu'à la version 10.1.15
Adobe	Acrobat Reader	Acrobat Reader DC (Continuous) jusqu'à la version 2015.008.20082

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB15-24 du 13 octobre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Acrobat DC (Classic) jusqu\u0027\u00e0 la version 2015.006.30060",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat Reader DC (Classic) jusqu\u0027\u00e0 la version 2015.006.30060",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat X jusqu\u0027\u00e0 la version 10.1.15",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat DC (Continuous) jusqu\u0027\u00e0 la version 2015.008.20082",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat XI jusqu\u0027\u00e0 la version 11.0.12",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Reader XI jusqu\u0027\u00e0 la version 11.0.12",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Reader X jusqu\u0027\u00e0 la version 10.1.15",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat Reader DC (Continuous) jusqu\u0027\u00e0 la version 2015.008.20082",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-6690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6690"
    },
    {
      "name": "CVE-2015-6695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6695"
    },
    {
      "name": "CVE-2015-6708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6708"
    },
    {
      "name": "CVE-2015-6688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6688"
    },
    {
      "name": "CVE-2015-6704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6704"
    },
    {
      "name": "CVE-2015-6720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6720"
    },
    {
      "name": "CVE-2015-7619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7619"
    },
    {
      "name": "CVE-2015-6706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6706"
    },
    {
      "name": "CVE-2015-7616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7616"
    },
    {
      "name": "CVE-2015-6717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6717"
    },
    {
      "name": "CVE-2015-6703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6703"
    },
    {
      "name": "CVE-2015-6718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6718"
    },
    {
      "name": "CVE-2015-7615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7615"
    },
    {
      "name": "CVE-2015-6710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6710"
    },
    {
      "name": "CVE-2015-6701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6701"
    },
    {
      "name": "CVE-2015-6698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6698"
    },
    {
      "name": "CVE-2015-6719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6719"
    },
    {
      "name": "CVE-2015-7620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7620"
    },
    {
      "name": "CVE-2015-6683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6683"
    },
    {
      "name": "CVE-2015-5583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5583"
    },
    {
      "name": "CVE-2015-6694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6694"
    },
    {
      "name": "CVE-2015-6721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6721"
    },
    {
      "name": "CVE-2015-6714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6714"
    },
    {
      "name": "CVE-2015-6709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6709"
    },
    {
      "name": "CVE-2015-7621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7621"
    },
    {
      "name": "CVE-2015-6705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6705"
    },
    {
      "name": "CVE-2015-7622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7622"
    },
    {
      "name": "CVE-2015-6700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6700"
    },
    {
      "name": "CVE-2015-6725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6725"
    },
    {
      "name": "CVE-2015-6691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6691"
    },
    {
      "name": "CVE-2015-6707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6707"
    },
    {
      "name": "CVE-2015-6686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6686"
    },
    {
      "name": "CVE-2015-6699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6699"
    },
    {
      "name": "CVE-2015-6702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6702"
    },
    {
      "name": "CVE-2015-6684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6684"
    },
    {
      "name": "CVE-2015-6693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6693"
    },
    {
      "name": "CVE-2015-6715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6715"
    },
    {
      "name": "CVE-2015-6712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6712"
    },
    {
      "name": "CVE-2015-6716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6716"
    },
    {
      "name": "CVE-2015-6724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6724"
    },
    {
      "name": "CVE-2015-6685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6685"
    },
    {
      "name": "CVE-2015-6692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6692"
    },
    {
      "name": "CVE-2015-7618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7618"
    },
    {
      "name": "CVE-2015-6711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6711"
    },
    {
      "name": "CVE-2015-6722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6722"
    },
    {
      "name": "CVE-2015-7624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7624"
    },
    {
      "name": "CVE-2015-6689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6689"
    },
    {
      "name": "CVE-2015-6696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6696"
    },
    {
      "name": "CVE-2015-7614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7614"
    },
    {
      "name": "CVE-2015-6687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6687"
    },
    {
      "name": "CVE-2015-6723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6723"
    },
    {
      "name": "CVE-2015-7617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7617"
    },
    {
      "name": "CVE-2015-6697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6697"
    },
    {
      "name": "CVE-2015-6713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6713"
    },
    {
      "name": "CVE-2015-5586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5586"
    },
    {
      "name": "CVE-2015-7623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7623"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-427",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAdobe Acrobat Reader\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Acrobat Reader",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB15-24 du 13 octobre 2015",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
    }
  ]
}

CERTFR-2015-AVI-427

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	Acrobat Reader	Acrobat DC (Classic) jusqu'à la version 2015.006.30060
Adobe	Acrobat Reader	Acrobat Reader DC (Classic) jusqu'à la version 2015.006.30060
Adobe	Acrobat Reader	Acrobat X jusqu'à la version 10.1.15
Adobe	Acrobat Reader	Acrobat DC (Continuous) jusqu'à la version 2015.008.20082
Adobe	Acrobat Reader	Acrobat XI jusqu'à la version 11.0.12
Adobe	Acrobat Reader	Reader XI jusqu'à la version 11.0.12
Adobe	Acrobat Reader	Reader X jusqu'à la version 10.1.15
Adobe	Acrobat Reader	Acrobat Reader DC (Continuous) jusqu'à la version 2015.008.20082

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB15-24 du 13 octobre 2015

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Acrobat DC (Classic) jusqu\u0027\u00e0 la version 2015.006.30060",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat Reader DC (Classic) jusqu\u0027\u00e0 la version 2015.006.30060",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat X jusqu\u0027\u00e0 la version 10.1.15",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat DC (Continuous) jusqu\u0027\u00e0 la version 2015.008.20082",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat XI jusqu\u0027\u00e0 la version 11.0.12",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Reader XI jusqu\u0027\u00e0 la version 11.0.12",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Reader X jusqu\u0027\u00e0 la version 10.1.15",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Acrobat Reader DC (Continuous) jusqu\u0027\u00e0 la version 2015.008.20082",
      "product": {
        "name": "Acrobat Reader",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-6690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6690"
    },
    {
      "name": "CVE-2015-6695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6695"
    },
    {
      "name": "CVE-2015-6708",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6708"
    },
    {
      "name": "CVE-2015-6688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6688"
    },
    {
      "name": "CVE-2015-6704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6704"
    },
    {
      "name": "CVE-2015-6720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6720"
    },
    {
      "name": "CVE-2015-7619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7619"
    },
    {
      "name": "CVE-2015-6706",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6706"
    },
    {
      "name": "CVE-2015-7616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7616"
    },
    {
      "name": "CVE-2015-6717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6717"
    },
    {
      "name": "CVE-2015-6703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6703"
    },
    {
      "name": "CVE-2015-6718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6718"
    },
    {
      "name": "CVE-2015-7615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7615"
    },
    {
      "name": "CVE-2015-6710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6710"
    },
    {
      "name": "CVE-2015-6701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6701"
    },
    {
      "name": "CVE-2015-6698",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6698"
    },
    {
      "name": "CVE-2015-6719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6719"
    },
    {
      "name": "CVE-2015-7620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7620"
    },
    {
      "name": "CVE-2015-6683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6683"
    },
    {
      "name": "CVE-2015-5583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5583"
    },
    {
      "name": "CVE-2015-6694",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6694"
    },
    {
      "name": "CVE-2015-6721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6721"
    },
    {
      "name": "CVE-2015-6714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6714"
    },
    {
      "name": "CVE-2015-6709",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6709"
    },
    {
      "name": "CVE-2015-7621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7621"
    },
    {
      "name": "CVE-2015-6705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6705"
    },
    {
      "name": "CVE-2015-7622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7622"
    },
    {
      "name": "CVE-2015-6700",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6700"
    },
    {
      "name": "CVE-2015-6725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6725"
    },
    {
      "name": "CVE-2015-6691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6691"
    },
    {
      "name": "CVE-2015-6707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6707"
    },
    {
      "name": "CVE-2015-6686",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6686"
    },
    {
      "name": "CVE-2015-6699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6699"
    },
    {
      "name": "CVE-2015-6702",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6702"
    },
    {
      "name": "CVE-2015-6684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6684"
    },
    {
      "name": "CVE-2015-6693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6693"
    },
    {
      "name": "CVE-2015-6715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6715"
    },
    {
      "name": "CVE-2015-6712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6712"
    },
    {
      "name": "CVE-2015-6716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6716"
    },
    {
      "name": "CVE-2015-6724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6724"
    },
    {
      "name": "CVE-2015-6685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6685"
    },
    {
      "name": "CVE-2015-6692",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6692"
    },
    {
      "name": "CVE-2015-7618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7618"
    },
    {
      "name": "CVE-2015-6711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6711"
    },
    {
      "name": "CVE-2015-6722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6722"
    },
    {
      "name": "CVE-2015-7624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7624"
    },
    {
      "name": "CVE-2015-6689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6689"
    },
    {
      "name": "CVE-2015-6696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6696"
    },
    {
      "name": "CVE-2015-7614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7614"
    },
    {
      "name": "CVE-2015-6687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6687"
    },
    {
      "name": "CVE-2015-6723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6723"
    },
    {
      "name": "CVE-2015-7617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7617"
    },
    {
      "name": "CVE-2015-6697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6697"
    },
    {
      "name": "CVE-2015-6713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-6713"
    },
    {
      "name": "CVE-2015-5586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5586"
    },
    {
      "name": "CVE-2015-7623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7623"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-427",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAdobe Acrobat Reader\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une ex\u00e9cution de code arbitraire et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Acrobat Reader",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB15-24 du 13 octobre 2015",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
    }
  ]
}

GHSA-88QG-R83J-HG74

Vulnerability from github – Published: 2022-05-13 01:06 – Updated: 2022-05-13 01:06

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-7618"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-10-14T23:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623.",
  "id": "GHSA-88qg-r83j-hg74",
  "modified": "2022-05-13T01:06:35Z",
  "published": "2022-05-13T01:06:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7618"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1033796"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2015-7618

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-7618

Aliases

CVE-2015-7618

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-7618",
    "description": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623.",
    "id": "GSD-2015-7618",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-7618.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-7618"
      ],
      "details": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623.",
      "id": "GSD-2015-7618",
      "modified": "2023-12-13T01:20:01.828310Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@adobe.com",
        "ID": "CVE-2015-7618",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
            "refsource": "CONFIRM",
            "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
          },
          {
            "name": "1033796",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1033796"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-498",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.15",
                    "versionStartIncluding": "10.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.12",
                    "versionStartIncluding": "11.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.006.30094",
                    "versionStartIncluding": "15.006.30060",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.009.20069",
                    "versionStartIncluding": "15.008.20082",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.15",
                    "versionStartIncluding": "10.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.12",
                    "versionStartIncluding": "11.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.006.30094",
                    "versionStartIncluding": "15.006.30060",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.009.20069",
                    "versionStartIncluding": "15.008.20082",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2015-7618"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-498",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-498"
            },
            {
              "name": "1033796",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1033796"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2021-09-08T17:19Z",
      "publishedDate": "2015-10-14T23:59Z"
    }
  }
}

CNVD-2015-06693

Vulnerability from cnvd - Published: 2015-10-20

Title

Adobe Acrobat/Reader Javascript API执行绕过漏洞（CNVD-2015-06693）

Description

Adobe Reader/Acrobat是一款流行的处理PDF文件的应用程序。 Adobe Reader/Acrobat存在执行绕过漏洞。允许攻击者构建恶意PDF文件，诱使用户解析，可绕过Javascript API执行限制。

Severity

高

Patch Name

Adobe Acrobat/Reader Javascript API执行绕过漏洞（CNVD-2015-06693）的补丁

Patch Description

Adobe Reader/Acrobat是一款流行的处理PDF文件的应用程序。 Adobe Reader/Acrobat存在执行绕过漏洞，允许攻击者构建恶意PDF文件，诱使用户解析，可绕过Javascript API执行限制。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞： https://helpx.adobe.com/content/help/en/security/products/acrobat/apsb15-24.html

Reference

https://helpx.adobe.com/content/help/en/security/products/acrobat/apsb15-24.html

Impacted products

Name
['Adobe Reader/Acrobat 10.x(<10.1.16)', 'Adobe Reader/Acrobat 11.x(<11.0.13)', 'Adobe Acrobat/Acrobat Reader DC Classic <2015.006.30094', 'Adobe Acrobat/Acrobat Reader DC Continuous(on Windows/OS X) <2015.009.20069']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-7618"
    }
  },
  "description": "Adobe Reader/Acrobat\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5904\u7406PDF\u6587\u4ef6\u7684\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nAdobe Reader/Acrobat\u5b58\u5728\u6267\u884c\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u5141\u8bb8\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fPDF\u6587\u4ef6\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u7ed5\u8fc7Javascript API\u6267\u884c\u9650\u5236\u3002",
  "discovererName": "Matt Molinyawe and Jasiel Spelman of HP\u0027s Zero Day Initiative",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://helpx.adobe.com/content/help/en/security/products/acrobat/apsb15-24.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-06693",
  "openTime": "2015-10-20",
  "patchDescription": "Adobe Reader/Acrobat\u662f\u4e00\u6b3e\u6d41\u884c\u7684\u5904\u7406PDF\u6587\u4ef6\u7684\u5e94\u7528\u7a0b\u5e8f\u3002\r\nAdobe Reader/Acrobat\u5b58\u5728\u6267\u884c\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u6784\u5efa\u6076\u610fPDF\u6587\u4ef6\uff0c\u8bf1\u4f7f\u7528\u6237\u89e3\u6790\uff0c\u53ef\u7ed5\u8fc7Javascript API\u6267\u884c\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Adobe Acrobat/Reader Javascript API\u6267\u884c\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2015-06693\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Adobe Reader/Acrobat 10.x(\u003c10.1.16)",
      "Adobe Reader/Acrobat 11.x(\u003c11.0.13)",
      "Adobe Acrobat/Acrobat Reader DC Classic \u003c2015.006.30094",
      "Adobe Acrobat/Acrobat Reader DC Continuous(on Windows/OS X) \u003c2015.009.20069"
    ]
  },
  "referenceLink": "https://helpx.adobe.com/content/help/en/security/products/acrobat/apsb15-24.html",
  "serverity": "\u9ad8",
  "submitTime": "2015-10-15",
  "title": "Adobe Acrobat/Reader Javascript API\u6267\u884c\u7ed5\u8fc7\u6f0f\u6d1e\uff08CNVD-2015-06693\uff09"
}

VAR-201510-0043

Vulnerability from variot - Updated: 2023-12-18 12:06

The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBAutoConfigCommentRepository method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBAutoConfigCommentRepository method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201510-0043",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "acrobat reader",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "10.0"
      },
      {
        "model": "acrobat reader",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "10.1.15"
      },
      {
        "model": "acrobat",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "10.1.15"
      },
      {
        "model": "acrobat",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "10.0"
      },
      {
        "model": "acrobat dc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.009.20069"
      },
      {
        "model": "acrobat reader dc",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.008.20082"
      },
      {
        "model": "acrobat dc",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.008.20082"
      },
      {
        "model": "acrobat reader dc",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.006.30060"
      },
      {
        "model": "acrobat reader",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.0.12"
      },
      {
        "model": "acrobat reader",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.0.0"
      },
      {
        "model": "acrobat",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.0.12"
      },
      {
        "model": "acrobat dc",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.006.30060"
      },
      {
        "model": "acrobat",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.0.0"
      },
      {
        "model": "acrobat reader dc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.006.30094"
      },
      {
        "model": "acrobat dc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.006.30094"
      },
      {
        "model": "acrobat reader dc",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.009.20069"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "adobe",
        "version": "10.1.14"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "adobe",
        "version": "10.1.10"
      },
      {
        "model": "acrobat dc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "(windows/macintosh)"
      },
      {
        "model": "acrobat reader dc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "(windows/macintosh)"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "classic 2015.006.30094"
      },
      {
        "model": "acrobat",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "11.x (windows/macintosh)"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "xi desktop 11.0.13"
      },
      {
        "model": "reader",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "11.x (windows/macintosh)"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "continuous 2015.009.20069"
      },
      {
        "model": "acrobat",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "10.x (windows/macintosh)"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "xi desktop 11.0.13"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "x desktop 10.1.16"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "classic 2015.006.30094"
      },
      {
        "model": "reader",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "10.x (windows/macintosh)"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "continuous 2015.009.20069"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "x desktop 10.1.16"
      },
      {
        "model": "acrobat reader dc",
        "scope": null,
        "trust": 0.7,
        "vendor": "adobe",
        "version": null
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "11.0.5"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "11.0.2"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "10.1.9"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "10.1.10"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "11.0.1"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "11.0.4"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "10.1.8"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "adobe",
        "version": "11.0.3"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.9"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.1"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.13"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.8.20082"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.10"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.2"
      },
      {
        "model": "acrobat dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.006.30094"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.15"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.6.30060"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0.3"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.10"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.3"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0.13"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.6"
      },
      {
        "model": "acrobat",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.13"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0"
      },
      {
        "model": "acrobat reader dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.006.30094"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.10"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.4"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.3"
      },
      {
        "model": "acrobat",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.16"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0.2"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0.1"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.11"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.4"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.6"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.11"
      },
      {
        "model": "reader",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.13"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.7"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.14"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.3"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.1"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1"
      },
      {
        "model": "reader",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.16"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0.2"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.5"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.007.20033"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.12"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.1"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.2"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.13"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.4"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.8"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.11"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0.3"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.2"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.12"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.08"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.9"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.7"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.6"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.006.30060"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.05"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.09"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.3"
      },
      {
        "model": "acrobat dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.009.20069"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.006.30033"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.12"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.1"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.4"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.9"
      },
      {
        "model": "acrobat reader dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.009.20069"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.006.30033"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.12"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.08"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.008.20082"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.7"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.0.1"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "2015.007.20033"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.09"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.11"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "10.1.15"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "db": "BID",
        "id": "77074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.15",
                    "versionStartIncluding": "10.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.12",
                    "versionStartIncluding": "11.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.006.30094",
                    "versionStartIncluding": "15.006.30060",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.009.20069",
                    "versionStartIncluding": "15.008.20082",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.15",
                    "versionStartIncluding": "10.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.12",
                    "versionStartIncluding": "11.0.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.006.30094",
                    "versionStartIncluding": "15.006.30060",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "15.009.20069",
                    "versionStartIncluding": "15.008.20082",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2015-7618",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2015-7618",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2015-7618",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-85579",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-7618",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-7618",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "ZDI",
            "id": "CVE-2015-7618",
            "trust": 0.7,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201510-243",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-85579",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6707 , CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the CBAutoConfigCommentRepository method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the CBAutoConfigCommentRepository method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "db": "BID",
        "id": "77074"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85579"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-7618",
        "trust": 3.5
      },
      {
        "db": "ZDI",
        "id": "ZDI-15-498",
        "trust": 2.4
      },
      {
        "db": "SECTRACK",
        "id": "1033796",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-3082",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "77074",
        "trust": 0.3
      },
      {
        "db": "VULHUB",
        "id": "VHN-85579",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85579"
      },
      {
        "db": "BID",
        "id": "77074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "id": "VAR-201510-0043",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-85579"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:06:45.733000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APSB15-24",
        "trust": 1.5,
        "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
      },
      {
        "title": "APSB15-24",
        "trust": 0.8,
        "url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
      },
      {
        "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
        "trust": 0.8,
        "url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
      },
      {
        "title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=58092"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-85579"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-15-498"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1033796"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7618"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2015/at150035.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7618"
      },
      {
        "trust": 0.8,
        "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
      },
      {
        "trust": 0.3,
        "url": "http://www.adobe.com"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85579"
      },
      {
        "db": "BID",
        "id": "77074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "db": "VULHUB",
        "id": "VHN-85579"
      },
      {
        "db": "BID",
        "id": "77074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-10-13T00:00:00",
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "date": "2015-10-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-85579"
      },
      {
        "date": "2015-10-13T00:00:00",
        "db": "BID",
        "id": "77074"
      },
      {
        "date": "2015-10-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "date": "2015-10-14T23:59:51.980000",
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "date": "2015-10-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-10-13T00:00:00",
        "db": "ZDI",
        "id": "ZDI-15-498"
      },
      {
        "date": "2020-05-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-85579"
      },
      {
        "date": "2015-11-03T19:59:00",
        "db": "BID",
        "id": "77074"
      },
      {
        "date": "2015-10-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      },
      {
        "date": "2021-09-08T17:19:32.573000",
        "db": "NVD",
        "id": "CVE-2015-7618"
      },
      {
        "date": "2020-05-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Windows and  Mac OS X Run on  Adobe Reader and  Acrobat of  CBAutoConfigCommentRepository In the method  JavaScript API Vulnerability that circumvents execution restrictions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-005284"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-243"
      }
    ],
    "trust": 0.6
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-7618 (GCVE-0-2015-7618)

FKIE_CVE-2015-7618

CERTFR-2015-AVI-427

Solution

CERTFR-2015-AVI-427

Solution

GHSA-88QG-R83J-HG74

GSD-2015-7618

CNVD-2015-06693

VAR-201510-0043

Tags

Sightings

Nomenclature