Page 85 of 670 results (0.009 seconds)

CVSS: 6.8EPSS: 1%CPEs: 10EXPL: 0

The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. El método ANStartApproval en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecución de la API JavaScript a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623. This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ANStartApproval method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. • http://www.securitytracker.com/id/1033796 http://www.zerodayinitiative.com/advisories/ZDI-15-484 https://helpx.adobe.com/security/products/acrobat/apsb15-24.html •

CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0

The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. La implementación de Function call en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecución de la API JavaScript a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623. This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the call method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. • http://www.securitytracker.com/id/1033796 http://www.zerodayinitiative.com/advisories/ZDI-15-489 https://helpx.adobe.com/security/products/acrobat/apsb15-24.html •

CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0

The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. La implementación en Function apply en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecución de la API JavaScript a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623. This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the apply method of Function objects. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. • http://www.securitytracker.com/id/1033796 http://www.zerodayinitiative.com/advisories/ZDI-15-491 https://helpx.adobe.com/security/products/acrobat/apsb15-24.html •

CVSS: 6.8EPSS: 1%CPEs: 10EXPL: 0

The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. El método CBSharedReviewIfOfflineDialog en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecución de la API JavaScript a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CBSharedReviewIfOfflineDialog method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. • http://www.securitytracker.com/id/1033796 http://www.zerodayinitiative.com/advisories/ZDI-15-503 https://helpx.adobe.com/security/products/acrobat/apsb15-24.html •

CVSS: 6.8EPSS: 1%CPEs: 10EXPL: 0

The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623. El método ANRunSharedReviewEmailStep en Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes eludir las restricciones de ejecución de la API JavaScript a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620 y CVE-2015-7623. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ANRunSharedReviewEmailStep method. By creating a specially crafted PDF with specific Javascript instructions, it is possible to bypass the Javascript API restrictions. • http://www.securitytracker.com/id/1033796 http://www.zerodayinitiative.com/advisories/ZDI-15-506 https://helpx.adobe.com/security/products/acrobat/apsb15-24.html •