Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7621.
References
Link | Resource |
---|---|
http://www.securitytracker.com/id/1033796 | Third Party Advisory VDB Entry |
http://www.zerodayinitiative.com/advisories/ZDI-15-492 | Third Party Advisory VDB Entry |
https://helpx.adobe.com/security/products/acrobat/apsb15-24.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
08 Sep 2021, 17:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
Information
Published : 2015-10-14 23:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-7617
Mitre link : CVE-2015-7617
CVE.ORG link : CVE-2015-7617
JSON object : View
Products Affected
adobe
- acrobat
- acrobat_dc
- acrobat_reader
- acrobat_reader_dc
apple
- macos
microsoft
- windows
CWE
CWE-416
Use After Free