6.8
CVE-2015-6698
- EPSS 1.5%
- Veröffentlicht 14.10.2015 23:59:20
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
LoginHeap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-6696.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Acrobat Dc SwEditionclassic Version >= 15.006.30060 < 15.006.30094
Adobe ≫ Acrobat Dc SwEditioncontinuous Version >= 15.008.20082 < 15.009.20069
Adobe ≫ Acrobat Reader Version >= 10.0 <= 10.1.15
Adobe ≫ Acrobat Reader Version >= 11.0.0 <= 11.0.12
Adobe ≫ Acrobat Reader Dc SwEditionclassic Version >= 15.006.30060 < 15.006.30094
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.5% | 0.806 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.