4.3
CVE-2015-6703
- EPSS 2.1%
- Veröffentlicht 14.10.2015 23:59:25
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
LoginThe loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6704.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Acrobat Dc SwEditionclassic Version >= 15.006.30060 < 15.006.30094
Adobe ≫ Acrobat Dc SwEditioncontinuous Version >= 15.008.20082 < 15.009.20069
Adobe ≫ Acrobat Reader Version >= 10.0 <= 10.1.15
Adobe ≫ Acrobat Reader Version >= 11.0.0 <= 11.0.12
Adobe ≫ Acrobat Reader Dc SwEditionclassic Version >= 15.006.30060 < 15.006.30094
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.1% | 0.835 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-772 Missing Release of Resource after Effective Lifetime
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.