VAR-201510-0367
Vulnerability from variot - Updated: 2023-12-18 12:06The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForReview method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. An attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201510-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.008.20082"
},
{
"model": "acrobat reader dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat reader",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat dc",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30060"
},
{
"model": "acrobat",
"scope": "gte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.0"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30094"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 1.0,
"vendor": "adobe",
"version": "15.009.20069"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.9,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "(windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "11.x (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 2015.006.30094"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "10.x (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous 2015.009.20069"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.8,
"vendor": "adobe",
"version": "x desktop 10.1.16"
},
{
"model": "acrobat reader dc",
"scope": null,
"trust": 0.7,
"vendor": "adobe",
"version": null
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.8"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "11.0.5"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.6,
"vendor": "adobe",
"version": "10.1.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.8.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.6.30060"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.13"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30094"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "acrobat",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.11"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.6"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.14"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.3"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "reader",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.16"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.5"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.13"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.4"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.8"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.11"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.3"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.2"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.7"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.6"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30060"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.05"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.10"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.3"
},
{
"model": "acrobat dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.1"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.9"
},
{
"model": "acrobat reader dc",
"scope": "ne",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.009.20069"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.006.30033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.12"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.08"
},
{
"model": "acrobat dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.008.20082"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.7"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.0.1"
},
{
"model": "acrobat reader dc",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "2015.007.20033"
},
{
"model": "reader",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "11.0.09"
},
{
"model": "acrobat",
"scope": "eq",
"trust": 0.3,
"vendor": "adobe",
"version": "10.1.15"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.1.15",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.0.12",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.006.30094",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.009.20069",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.1.15",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.0.12",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.006.30094",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"cpe_name": [],
"versionEndExcluding": "15.009.20069",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AbdulAziz Hariri - HP Zero Day Initiative",
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
}
],
"trust": 0.7
},
"cve": "CVE-2015-6707",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-6707",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-6707",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-84668",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-6707",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-6707",
"trust": 0.8,
"value": "High"
},
{
"author": "ZDI",
"id": "CVE-2015-6707",
"trust": 0.7,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201510-220",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-84668",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. This vulnerability CVE-2015-6708 , CVE-2015-6709 , CVE-2015-6710 , CVE-2015-6711 , CVE-2015-6712 , CVE-2015-6713 , CVE-2015-6714 , CVE-2015-6715 , CVE-2015-6716 , CVE-2015-6717 , CVE-2015-6718 , CVE-2015-6719 , CVE-2015-6720 , CVE-2015-6721 , CVE-2015-6722 , CVE-2015-6723 , CVE-2015-6724 , CVE-2015-6725 , CVE-2015-7614 , CVE-2015-7616 , CVE-2015-7618 , CVE-2015-7619 , CVE-2015-7620 ,and CVE-2015-7623 Is a different vulnerability.By the attacker, JavaScript API Execution restrictions may be avoided. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the ANSendForReview method. By creating a specially crafted PDF with specific JavaScript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code. Adobe Acrobat and Reader are prone to multiple security-bypass vulnerabilities. \nAn attacker can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF. Classic and Continuous are two update mechanisms provided by Acrobat Reader DC Product Download Center. A security vulnerability exists in the ANSendForReview method of several Adobe products. 30060 and earlier, Acrobat XI Desktop 11.0.12 and earlier, Reader XI Desktop 11.0.12 and earlier, Acrobat X Desktop 10.1.15 and earlier, Reader X Desktop 10.1.15 and earlier",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "VULHUB",
"id": "VHN-84668"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-6707",
"trust": 3.5
},
{
"db": "ZDI",
"id": "ZDI-15-483",
"trust": 2.4
},
{
"db": "SECTRACK",
"id": "1033796",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-3058",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220",
"trust": 0.7
},
{
"db": "BID",
"id": "77074",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-84668",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"id": "VAR-201510-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-84668"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:49.959000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB15-24",
"trust": 1.5,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"title": "APSB15-24",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb15-24.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20151015.html"
},
{
"title": "Multiple Adobe Product Privilege License and Access Control Vulnerability Fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=58069"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"trust": 1.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-15-483"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1033796"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6707"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/vul/20151014-adobereader.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2015/at150035.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6707"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=17022"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"db": "VULHUB",
"id": "VHN-84668"
},
{
"db": "BID",
"id": "77074"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"date": "2015-10-14T00:00:00",
"db": "VULHUB",
"id": "VHN-84668"
},
{
"date": "2015-10-13T00:00:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"date": "2015-10-14T23:59:29.303000",
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"date": "2015-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-13T00:00:00",
"db": "ZDI",
"id": "ZDI-15-483"
},
{
"date": "2020-05-18T00:00:00",
"db": "VULHUB",
"id": "VHN-84668"
},
{
"date": "2015-11-03T19:59:00",
"db": "BID",
"id": "77074"
},
{
"date": "2015-10-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-005264"
},
{
"date": "2021-09-08T17:19:32.003000",
"db": "NVD",
"id": "CVE-2015-6707"
},
{
"date": "2020-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat of ANSendForReview In the method JavaScript API Vulnerability that circumvents execution restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-005264"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201510-220"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…