CVE-2015-3073

Exploit

EPSS 31.11%
Veröffentlicht 13.05.2015 11:00:07
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@adobe.com
Teams Watchlist Login
Unerledigt Login

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, and CVE-2015-3074.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Adobe ≫ Acrobat Version10.1.0

Adobe ≫ Acrobat Version10.1.1

Adobe ≫ Acrobat Version10.1.2

Adobe ≫ Acrobat Version10.1.3

Adobe ≫ Acrobat Version10.1.4

Adobe ≫ Acrobat Version10.1.5

Adobe ≫ Acrobat Version10.1.6

Adobe ≫ Acrobat Version10.1.7

Adobe ≫ Acrobat Version10.1.8

Adobe ≫ Acrobat Version10.1.9

Adobe ≫ Acrobat Version10.1.10

Adobe ≫ Acrobat Version10.1.11

Adobe ≫ Acrobat Version10.1.12

Adobe ≫ Acrobat Version10.1.13

Adobe ≫ Acrobat Version11.0.0

Adobe ≫ Acrobat Version11.0.1

Adobe ≫ Acrobat Version11.0.2

Adobe ≫ Acrobat Version11.0.3

Adobe ≫ Acrobat Version11.0.4

Adobe ≫ Acrobat Version11.0.5

Adobe ≫ Acrobat Version11.0.6

Adobe ≫ Acrobat Version11.0.7

Adobe ≫ Acrobat Version11.0.8

Adobe ≫ Acrobat Version11.0.9

Adobe ≫ Acrobat Version11.0.10

Apple ≫ macOS X

Microsoft ≫ Windows

Adobe ≫ Acrobat Reader Version10.1.0

Adobe ≫ Acrobat Reader Version10.1.1

Adobe ≫ Acrobat Reader Version10.1.2

Adobe ≫ Acrobat Reader Version10.1.3

Adobe ≫ Acrobat Reader Version10.1.4

Adobe ≫ Acrobat Reader Version10.1.5

Adobe ≫ Acrobat Reader Version10.1.6

Adobe ≫ Acrobat Reader Version10.1.7

Adobe ≫ Acrobat Reader Version10.1.8

Adobe ≫ Acrobat Reader Version10.1.9

Adobe ≫ Acrobat Reader Version10.1.10

Adobe ≫ Acrobat Reader Version10.1.11

Adobe ≫ Acrobat Reader Version10.1.12

Adobe ≫ Acrobat Reader Version10.1.13

Adobe ≫ Acrobat Reader Version11.0.0

Adobe ≫ Acrobat Reader Version11.0.1

Adobe ≫ Acrobat Reader Version11.0.2

Adobe ≫ Acrobat Reader Version11.0.3

Adobe ≫ Acrobat Reader Version11.0.4

Adobe ≫ Acrobat Reader Version11.0.5

Adobe ≫ Acrobat Reader Version11.0.6

Adobe ≫ Acrobat Reader Version11.0.7

Adobe ≫ Acrobat Reader Version11.0.8

Adobe ≫ Acrobat Reader Version11.0.9

Adobe ≫ Acrobat Reader Version11.0.10

Apple ≫ macOS X

Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	31.11%	0.963

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www.securitytracker.com/id/1032284

Third Party Advisory

VDB Entry

https://helpx.adobe.com/security/products/reader/apsb15-10.html

Patch

Vendor Advisory

http://www.securityfocus.com/bid/74604

Third Party Advisory

VDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-15-197

Third Party Advisory

VDB Entry

https://www.exploit-db.com/exploits/38344/

Third Party Advisory

Exploit

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2015-3073

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-3073

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-3073

EUVD