Lucene search
AbdulAziz Hariri - HPE Zero Day InitiativeZDI-16-285HistoryMay 10, 2016 - 12:00 a.m.
Adobe Acrobat Reader DC app.launchURL Command Execution Remote Code Execution Vulnerability
2016-05-1000:00:00
AbdulAziz Hariri - HPE Zero Day Initiative
www.zerodayinitiative.com
50
EPSS
0.044
Percentile
92.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling URL’s passed to app.launchURL. A specially crafted cURL passed to app.launchURL can force a command to be executed. A remote attacker could exploit this vulnerability to execute arbitrary code in the context of the process.
Related
prion
prion
nvd
nvd
cve
cve
cvelist
cvelist
nessus
nessus
openvas
openvas
Adobe Reader Security Updates (APSB16-14) - Windows
2016-05-12 00:00:00
Adobe Reader Security Updates (APSB16-14) - Mac OS X
2016-05-12 00:00:00
Adobe Acrobat Security Updates (APSB16-14) - Windows
2016-05-12 00:00:00
kaspersky
kaspersky
KLA10807 Multiple vulnerabilities in Adobe Acrobat
2016-05-10 00:00:00
adobe
adobe
APSB16-14 Security Updates Available for Adobe Acrobat and Reader
2016-05-05 00:00:00