Lucene search
WanderingGlitch of HP Zero Day InitiativeZDI-15-490HistoryOct 13, 2015 - 12:00 a.m.
Adobe Acrobat Reader DC bind Javascript API Restrictions Bypass Vulnerability
2015-10-1300:00:00
WanderingGlitch of HP Zero Day Initiative
www.zerodayinitiative.com
15
EPSS
0.017
Percentile
87.7%
This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the bind method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. A remote attacker could exploit this vulnerability to execute arbitrary code.
Related
prion
prion
Design/Logic Flaw
2015-10-14 23:59:00
Design/Logic Flaw
2015-10-14 23:59:00
Design/Logic Flaw
2015-10-14 23:59:00
cvelist
cvelist
nvd
nvd
cve
cve
nessus
nessus
openvas
openvas
Adobe Acrobat Multiple Vulnerabilities - 01 (Oct 2015) - Mac OS X
2015-10-20 00:00:00
Adobe Reader Multiple Vulnerabilities - 01 (Oct 2015) - Windows
2015-10-20 00:00:00
Adobe Reader Multiple Vulnerabilities - 01 (Oct 2015) - Mac OS X
2015-10-20 00:00:00
kaspersky
kaspersky
KLA10682 Multiple vulnerabilities in Adobe Acrobat and Reader
2015-10-13 00:00:00