|
|
|||
| Rule General Information |
|---|
| Release Date: | 2015-07-17 | |
| Rule Name: | Adobe Acrobat Reader Javascript API Privilege Escalation Vulnerability (CVE-2015-5086) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors. | |
| Impact: | An attacker can abtain more privileges which he is not entitled to by exloiting the vulnerability, such as executing arbitrary code, deleting files, viewing sensitive information, changing configurations. | |
| Affected OS: | Windows | |
| Reference: | SecurityFocusBID:75737 AdobeSecurityBulletins:apsb15-15 |
|
| Solutions |
|---|
| Adobe has issued a fix on the official website. For more advisory, please visit https://helpx.adobe.com/security/products/reader/apsb15-15.html |