CVE-2014-8454 — Adobe Acrobat vulnerability

6 documents2 sources

Severity

10.0CRITICALNVD

EPSS

17.0%

top 5.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat Adobe Acrobat Reader

Timeline

PublishedDec 10

Latest updateMay 17

Description

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/acrobat_reader27 versions+26

▶NVDadobe/acrobat27 versions+26

🔴Vulnerability Details

GHSA

GHSA-9p5m-pvjx-2xxw: Use-after-free vulnerability in Adobe Reader and Acrobat 10↗2022-05-17

▶

GHSA

GHSA-5pxv-jf6q-f96h: Use-after-free vulnerability in Adobe Reader and Acrobat 10↗2022-05-17

▶

GHSA

GHSA-r4p2-qv8q-wxj3: Use-after-free vulnerability in Adobe Reader and Acrobat 10↗2022-05-17

▶