CVE-2014-8448Sensitive Information Exposure in Adobe Acrobat

CWE-200Sensitive Information Exposure4 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
19.0%
top 4.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedDec 10
Latest updateMay 17

Description

An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDadobe/acrobat_reader27 versions+26
NVDadobe/acrobat27 versions+26

🔴Vulnerability Details

2
GHSA
GHSA-f48m-94vm-9jch: An unspecified JavaScript API in Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-4456-f89c-g4p5: An unspecified JavaScript API in Adobe Reader and Acrobat 102022-05-17
CVE-2014-8448 — Sensitive Information Exposure in Adobe | cvebase