4.3

CVE-2014-0521

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.

Data is provided by the National Vulnerability Database (NVD)
AdobeAcrobat Reader Version10.0
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.0.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.0.2
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.0.3
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.2
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.3
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.4
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.5
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.6
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.7
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.8
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version10.1.9
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version11.0
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version11.0.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version11.0.2
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version11.0.3
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version11.0.4
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version11.0.5 Update- SwPlatformwindows
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Reader Version11.0.6
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.0
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.0.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.0.2
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.0.3
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.2
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.3
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.4
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.5
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.6
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.7
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.8
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version10.1.9
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version11.0
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version11.0.1
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version11.0.2
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version11.0.3
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version11.0.4
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version11.0.5 Update- SwPlatformwindows
   ApplemacOS X
   MicrosoftWindows
AdobeAcrobat Version11.0.6
   ApplemacOS X
   MicrosoftWindows
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 12.68% 0.938
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.