JavaScript API Execution Bypass in Adobe Reader and Acrobat
CVE-2015-3066

Currently unrated

Key Information:

Vendor: Adobe
Status: Acrobat; Mac Os X; Windows
Vendor: CVE Published:; 13 May 2015

What is CVE-2015-3066?

Adobe Reader and Acrobat on Windows and OS X prior to specified versions are susceptible to a vulnerability that allows unauthorized bypassing of restrictions on JavaScript API execution. Attackers may exploit this flaw through various unspecified vectors, which could lead to unintended actions and potentially harmful outcomes for users. This vulnerability poses a security risk that requires urgent attention to mitigate potential threats.

References

http://www.securityfocus.com/bid/74604

vdb-entryx_refsource_BID

http://www.zerodayinitiative.com/advisories/ZDI-15-200

x_refsource_MISC

https://helpx.adobe.com/security/products/reader/apsb15-1...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2015
Vulnerability Reserved
Apr 9, 2015