JavaScript API Restriction Bypass in Adobe Reader and Acrobat
CVE-2015-3063

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat; Mac Os X; Windows
Vendor: CVE Published:; 13 May 2015

What is CVE-2015-3063?

Adobe Reader and Acrobat on Windows and OS X versions 10.x prior to 10.1.14 and 11.x prior to 11.0.11 are susceptible to a vulnerability that permits attackers to bypass intended restrictions on the execution of JavaScript APIs via unspecified methods. This bypass can potentially allow unauthorized access to execute malicious scripts, leading to various security issues. Users of affected versions are advised to apply the necessary updates provided by Adobe to mitigate such risks.

References

http://www.securityfocus.com/bid/74604

vdb-entryx_refsource_BID

https://helpx.adobe.com/security/products/reader/apsb15-1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1032284

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2015
Vulnerability Reserved
Apr 9, 2015