CVE-2015-3059Use After Free in Adobe Acrobat

CWE-416Use After Free12 documents4 sources
Severity
10.0CRITICALNVD
NVD7.5
EPSS
3.6%
top 12.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedMay 13
Latest updateMay 17

Description

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader25 versions+24
NVDadobe/acrobat25 versions+24

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

5
GHSA
GHSA-wgc8-2wwh-f797: Use-after-free vulnerability in Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-hvmw-wvjj-3h3x: Use-after-free vulnerability in Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-f5qr-chhp-9g8p: Use-after-free vulnerability in Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-hqh5-x7wr-q63c: Use-after-free vulnerability in Adobe Reader and Acrobat 102022-05-17
GHSA
GHSA-wq8p-3q98-gw6h: Use-after-free vulnerability in Adobe Reader and Acrobat 102022-05-17

🕵️Threat Intelligence

1
Zscaler
Zscaler detects Flash Player Vulnerabilities | 05-21-2015

💬Community

1
Bugzilla
CVE-2015-9262 libxcursor: 1-byte heap-based overflow in _XcursorThemeInherits function in library.c2018-08-02
CVE-2015-3059 — Use After Free in Adobe Acrobat | cvebase