CVE-2014-0525 — Adobe Acrobat vulnerability

CWE-2642 documents2 sources

Severity

10.0CRITICALNVD

EPSS

31.3%

top 3.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat Adobe Acrobat Reader

Timeline

PublishedMay 14

Latest updateMay 17

Description

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/acrobat_reader21 versions+20

▶NVDadobe/acrobat21 versions+20

🔴Vulnerability Details

GHSA

GHSA-9px4-5h9j-2m63: The API in Adobe Reader and Acrobat 10↗2022-05-17

▶