JavaScript API Execution Bypass in Adobe Reader and Acrobat Products
CVE-2015-3065

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat Reader; Mac Os X; Windows
Vendor: CVE Published:; 13 May 2015

Summary

Adobe Reader and Acrobat versions prior to the specified updates exhibit a vulnerability that enables attackers to evade implemented restrictions on JavaScript API execution. This flaw manifests through unspecified vectors, allowing for potentially unauthorized actions within the application. Users of Adobe Reader and Acrobat should urgently apply the latest updates to safeguard their systems from exploitation.

References

http://www.securityfocus.com/bid/74604

vdb-entryx_refsource_BID

https://helpx.adobe.com/security/products/reader/apsb15-1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1032284

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
May 13, 2015
Vulnerability Reserved
Apr 9, 2015