CVE-2014-0514
published 2014-04-15


Priority: P271 · critical · 9.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 72.00% (99.4th percentile)
The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary code via a crafted PDF document, a related issue to CVE-2012-6636.

Affected

2 ranges

Vendor | Product      | Version range | Fixed in
adobe  | adobe_reader | <= 11.1.3     |
adobe  | adobe_reader |               |

Detection & IOCs (extracted from sources)

path: /data/data/com.adobe.reader/mobilereader.poc.txt
url: file:///android_asset/javascript/index.html
url: http://www.securify.nl/advisory/SFY20140401/mobilereader.poc.pdf
  • Detect JavaScript in PDFs referencing the window._app, window._doc, or window._adobereader objects, which are the exposed insecure JavascriptInterface bridge names used in exploitation.
  • The Metasploit module embeds a webview_addjavascriptinterface browser exploit inside a PDF; look for PDF files containing compressed/encoded JavaScript streams consistent with this technique, particularly targeting ARM, MIPS, or x86 Android architectures.
  • The Metasploit module defaults to the Android ARM target; separate payloads/shellcode are required for MIPSLE and x86 Android architectures.
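
One way to implement the first detection note above, as an added example (not code from this page, Adobe, or the Metasploit module): a Python scanner that inflates Flate-compressed PDF streams and reports which of the three bridge names are referenced. The function names and the sample PDF bytes are constructed for illustration; streams that are encrypted or use other filters are not decoded.

```python
import re
import zlib

# Bridge object names this page lists as the exposed JavascriptInterface names.
BRIDGE_RE = re.compile(
    rb"\bwindow\s*(?:\.\s*|\[\s*[\"'])(_adobereader|_app|_doc)\b")
# Stream bodies sit between the "stream" and "endstream" keywords.
STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.DOTALL)


def decoded_views(pdf_bytes):
    """Yield the raw file, then each stream body inflated where it is Flate data."""
    yield pdf_bytes
    for match in STREAM_RE.finditer(pdf_bytes):
        try:
            # decompressobj tolerates the end-of-line bytes before "endstream".
            yield zlib.decompressobj().decompress(match.group(1))
        except zlib.error:
            continue  # other filter, encrypted, or already plain text


def find_bridge_references(pdf_bytes):
    """Return the sorted bridge references found in raw or inflated content."""
    hits = set()
    for view in decoded_views(pdf_bytes):
        for match in BRIDGE_RE.finditer(view):
            hits.add("window." + match.group(1).decode("ascii"))
    return sorted(hits)


def build_sample_pdf(javascript):
    """Constructed, minimal PDF-like test input with one FlateDecode stream."""
    body = zlib.compress(javascript)
    return (b"%PDF-1.4\n1 0 obj\n<< /Length " + str(len(body)).encode()
            + b" /Filter /FlateDecode >>\nstream\n" + body
            + b"\nendstream\nendobj\n%%EOF\n")


if __name__ == "__main__":
    sample = build_sample_pdf(b"var a = window._app; var d = window['_doc'];")
    print(find_bridge_references(sample))
```

A hit is a triage signal rather than a verdict: it shows the document's JavaScript touches the bridge objects, and the file still needs review.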