CVE-2014-0521

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:10.1.9:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:11.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:11.0.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:11.0.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:11.0.5:-:*:*:*:windows:*:*
cpe:2.3:a:adobe:acrobat_reader:11.0.6:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.5:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.6:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:10.1.9:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:11.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:11.0.3:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:11.0.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:11.0.5:-:*:*:*:windows:*:*
cpe:2.3:a:adobe:acrobat:11.0.6:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-05-14 11:13

Updated : 2024-02-04 18:35


NVD link : CVE-2014-0521

Mitre link : CVE-2014-0521

CVE.ORG link : CVE-2014-0521


JSON object : View

Products Affected

apple

  • mac_os_x

microsoft

  • windows

adobe

  • acrobat
  • acrobat_reader
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor