Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code by leveraging improper EScript exception handling, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6684, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, and CVE-2015-7621.
References
| Link | Resource |
|---|---|
| http://www.securitytracker.com/id/1033796 | Third Party Advisory VDB Entry |
| http://www.zerodayinitiative.com/advisories/ZDI-15-492 | Third Party Advisory VDB Entry |
| https://helpx.adobe.com/security/products/acrobat/apsb15-24.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
08 Sep 2021, 17:19
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
Information
Published : 2015-10-14 23:59
Updated : 2023-12-10 11:46
NVD link : CVE-2015-7617
Mitre link : CVE-2015-7617
CVE.ORG link : CVE-2015-7617
JSON object : View
Products Affected
adobe
- acrobat_reader
- acrobat
- acrobat_reader_dc
- acrobat_dc
microsoft
- windows
apple
- macos
CWE
CWE-416
Use After Free