CVE-2014-8446Code Injection in Adobe Acrobat

CWE-94Code Injection16 documents2 sources
Severity
10.0CRITICALNVD
EPSS
22.2%
top 4.18%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedDec 10
Latest updateMay 17

Description

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader27 versions+26
NVDadobe/acrobat27 versions+26

🔴Vulnerability Details

8
GHSA
GHSA-wmp5-56j9-7fr5: Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-3263-6j5q-9qmj: Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-6qgq-7mc3-cq6v: Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-v65r-6mhh-6pcx: Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-pf29-rp33-xrc7: Adobe Reader and Acrobat 102022-05-17
CVE-2014-8446 — Code Injection in Adobe Acrobat | cvebase