CVE-2015-3067
Severity CVSS v4.0:
Pending analysis
Type:
CWE-284
Improper Access Control
Publication date:
13/05/2015
Last modified:
12/04/2025
Description
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:adobe:acrobat:10.1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.11:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.12:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:10.1.13:*:*:*:*:*:*:* | ||
| cpe:2.3:a:adobe:acrobat:11.0.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/74604
- http://www.securitytracker.com/id/1032284
- http://www.zerodayinitiative.com/advisories/ZDI-15-201
- https://helpx.adobe.com/security/products/reader/apsb15-10.html
- http://www.securityfocus.com/bid/74604
- http://www.securitytracker.com/id/1032284
- http://www.zerodayinitiative.com/advisories/ZDI-15-201
- https://helpx.adobe.com/security/products/reader/apsb15-10.html