Use-After-Free Vulnerability in Adobe Reader and Acrobat
CVE-2015-3059

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat; Mac Os X; Windows
Vendor: CVE Published:; 13 May 2015

Summary

A use-after-free vulnerability exists in Adobe Reader and Acrobat affecting versions 10.x prior to 10.1.14 and 11.x prior to 11.0.11 on Windows and OS X. This flaw allows attackers to exploit subtle coding errors to achieve arbitrary code execution through unspecified vectors, leading to severe implications for the affected systems if successfully executed. Users should promptly update to the latest versions to mitigate this security risk.

References

http://www.zerodayinitiative.com/advisories/ZDI-15-212

x_refsource_MISC

https://helpx.adobe.com/security/products/reader/apsb15-1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1032284

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
May 13, 2015
Vulnerability Reserved
Apr 9, 2015