CVE-2014-0521Sensitive Information Exposure in Adobe Acrobat

CWE-200Sensitive Information Exposure2 documents2 sources
Severity
4.3MEDIUMNVD
EPSS
18.3%
top 4.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedMay 14
Latest updateMay 17

Description

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDadobe/acrobat_reader21 versions+20
NVDadobe/acrobat21 versions+20

🔴Vulnerability Details

1
GHSA
GHSA-496w-cc54-c96f: Adobe Reader and Acrobat 102022-05-17
CVE-2014-0521 — Sensitive Information Exposure in Adobe | cvebase