CVE-2014-0568Insecure Operation on Windows Junction / Mount Point in Adobe Acrobat

CWE-1386Insecure Operation on Windows Junction / Mount PointCWE-362Race Condition6 documents4 sources
Severity
10.0CRITICALNVD
NVD6.4
EPSS
5.4%
top 9.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedSep 17
Latest updateMay 17

Description

The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader11.0.8+25
NVDadobe/acrobat11.0.8+25

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

3
GHSA
GHSA-x8vq-jv88-c5cc: Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 112022-05-17
GHSA
GHSA-xx89-v728-cjjc: The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 102022-05-17
Project0
Windows 10^H^H Symbolic Link Mitigations - Project Zero2015-08-01

📐Framework References

1
CWE
Insecure Operation on Windows Junction / Mount Point
CVE-2014-0568 — Adobe Acrobat vulnerability | cvebase