CVE-2015-7622
published 2015-10-14CVE-2015-7622: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat…
PriorityP266critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
23.39%
97.5th percentile
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-6695.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | 10.0 – 10.1.15 | — |
| adobe | acrobat | 11.0.0 – 11.0.12 | — |
| adobe | acrobat_dc | >= 15.006.30060 < 15.006.30094 | 15.006.30094 |
| adobe | acrobat_dc | >= 15.008.20082 < 15.009.20069 | 15.009.20069 |
| adobe | acrobat_reader | 10.0 – 10.1.15 | — |
| adobe | acrobat_reader | 11.0.0 – 11.0.12 | — |
| adobe | acrobat_reader_dc | >= 15.006.30060 < 15.006.30094 | 15.006.30094 |
| adobe | acrobat_reader_dc | >= 15.008.20082 < 15.009.20069 | 15.009.20069 |
Detection & IOCsextracted from sources · hover to see the quote
- →Trigger condition is a crafted PDF file with an invalid image processed by the PDF parser, leading to memory corruption. Flag suspicious PDF files opened in Acrobat Reader DC 15.008.20082.15957 on Windows. ↗
- →Exploitation requires user interaction — monitor for Acrobat Reader DC processes spawning unexpected child processes after opening or previewing a PDF file. ↗
- ·CVE-2015-7622 is distinct from the fillColor-attribute memory corruption bugs (CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695) even though they share the same affected version ranges; ensure detections/signatures target the PDF image-parsing code path, not the fillColor attribute path. ↗
- ·The vulnerability affects Windows and OS X platforms across Acrobat/Reader 10.x before 10.1.16, 11.x before 11.0.13, DC Classic before 2015.006.30094, and DC Continuous before 2015.009.20069; scope detections accordingly. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-v9xf-2767-3v8v: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-13·CVSS 6.8
CVE-2015-6695 [MEDIUM] CWE-119 GHSA-v9xf-2767-3v8v: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the value attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-7622.
GHSA
GHSA-4j77-57g7-9jgm: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-13·CVSS 6.8
CVE-2015-6686 [MEDIUM] CWE-119 GHSA-4j77-57g7-9jgm: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted set of fields, a different vulnerability than CVE-2015-6685, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622.
GHSA
GHSA-x4g3-938c-pqqc: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-13·CVSS 6.8
CVE-2015-6685 [MEDIUM] CWE-119 GHSA-x4g3-938c-pqqc: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) by using the Format action for unspecified fields, a different vulnerability than CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622.
GHSA
GHSA-2m8j-8668-5vg5: The signatureSetSeedValue method in Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-13·CVSS 6.8
CVE-2015-6693 [MEDIUM] CWE-119 GHSA-2m8j-8668-5vg5: The signatureSetSeedValue method in Adobe Reader and Acrobat 10
The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted arguments, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622.
GHSA
GHSA-hp8q-jv2q-wp3j: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-13·CVSS 6.8
CVE-2015-6694 [MEDIUM] CWE-119 GHSA-hp8q-jv2q-wp3j: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the fillColor attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6695, and CVE-2015-7622.
GHSA
GHSA-5297-rr9c-r4f6: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-13·CVSS 6.8
CVE-2015-7622 [MEDIUM] CWE-119 GHSA-5297-rr9c-r4f6: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-6695.
GHSA
GHSA-xmm3-99cm-jpgq: Adobe Reader and Acrobat 10
ghsa_unreviewed·2022-05-13·CVSS 6.8
CVE-2015-7650 [MEDIUM] CWE-119 GHSA-xmm3-99cm-jpgq: Adobe Reader and Acrobat 10
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a PDF document, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622.
No detection rules found.
No writeups or analysis indexed.
2015-10-14
Published