CVE-2015-3050
published 2015-05-13CVE-2015-3050: Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service…
PriorityP351critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
12.21%
95.7th percentile
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
Affected
50 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4rph-jf58-r356: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3050 [CRITICAL] CWE-119 GHSA-4rph-jf58-r356: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
GHSA
GHSA-wx98-qq43-5g58: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3057 [CRITICAL] CWE-119 GHSA-wx98-qq43-5g58: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3070, and CVE-2015-3076.
GHSA
GHSA-gqw2-24hf-qv8p: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3052 [CRITICAL] CWE-119 GHSA-gqw2-24hf-qv8p: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
GHSA
GHSA-w3h5-qr68-5ff4: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3049 [CRITICAL] CWE-119 GHSA-w3h5-qr68-5ff4: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
GHSA
GHSA-77gp-7427-w37r: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3076 [CRITICAL] CWE-119 GHSA-77gp-7427-w37r: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3070.
GHSA
GHSA-9659-pqfr-cff6: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3046 [CRITICAL] CWE-119 GHSA-9659-pqfr-cff6: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
GHSA
GHSA-fc2f-r9p9-rcqq: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3051 [CRITICAL] CWE-119 GHSA-fc2f-r9p9-rcqq: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
GHSA
GHSA-g996-x3qr-fm83: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3070 [CRITICAL] CWE-119 GHSA-g996-x3qr-fm83: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3056, CVE-2015-3057, and CVE-2015-3076.
GHSA
GHSA-gcr8-c572-x97j: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-17·CVSS 9.3
CVE-2015-3056 [CRITICAL] CWE-119 GHSA-gcr8-c572-x97j: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-2015-3046, CVE-2015-3049, CVE-2015-3050, CVE-2015-3051, CVE-2015-3052, CVE-2015-3057, CVE-2015-3070, and CVE-2015-3076.
Project0
One font vulnerability to rule them all #1: Introducing the BLEND vulnerability - Project Zero
project_zero·2015-07-01·CVSS 4.3
CVE-2015-0074 [MEDIUM] One font vulnerability to rule them all #1: Introducing the BLEND vulnerability - Project Zero
Posted by Mateusz Jurczyk of Google Project Zero
Last month, I presented parts of my PostScript font security research at the REcon security conference in Montreal, in a talk titled “One font vulnerability to rule them all: A story of cross-software ownage, shared codebases and advanced exploitation”. This talk discussed the exploitation process of a vulnerability found in the implementation of a BLEND Charstring instruction, discovered in a user-mode Adobe Reader’s CoolType library and a kernel-mode Adobe Type Manager Font Driver (ATMFD.DLL) used by Windows, both of which are responsible for supporting Type 1 and OpenType fonts in the Reader and system GDI environments. This research was performed as part of my Project Zero work, and more generally resulted in a multitude of vulnerabili
No detection rules found.
No public exploits indexed.
2015-05-13
Published