JavaScript API Execution Bypass in Adobe Reader and Acrobat
CVE-2015-3060

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat Reader; Mac Os X; Windows
Vendor: CVE Published:; 13 May 2015

Summary

A vulnerability exists in Adobe Reader and Acrobat that allows attackers to bypass the intended restrictions on JavaScript API execution. This issue affects various versions of the software running on Windows and OS X, enabling potential exploitation through unspecified vectors. Users of Adobe products should ensure they are using patched versions to mitigate potential risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/74604

vdb-entryx_refsource_BID

https://helpx.adobe.com/security/products/reader/apsb15-1...

x_refsource_CONFIRM

http://www.zerodayinitiative.com/advisories/ZDI-15-208

x_refsource_MISC

Timeline

Vulnerability published
May 13, 2015
Vulnerability Reserved
Apr 9, 2015