cbcvebase.
CVE-2015-7622
published 2015-10-14

CVE-2015-7622: Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat…

PriorityP266critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
23.39%
97.5th percentile
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-6695.

Affected

8 ranges
VendorProductVersion rangeFixed in
adobeacrobat10.0 – 10.1.15
adobeacrobat11.0.0 – 11.0.12
adobeacrobat_dc>= 15.006.30060 < 15.006.3009415.006.30094
adobeacrobat_dc>= 15.008.20082 < 15.009.2006915.009.20069
adobeacrobat_reader10.0 – 10.1.15
adobeacrobat_reader11.0.0 – 11.0.12
adobeacrobat_reader_dc>= 15.006.30060 < 15.006.3009415.006.30094
adobeacrobat_reader_dc>= 15.008.20082 < 15.009.2006915.009.20069

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://protekresearchlab.com/exploits/COSIG-2015-001.pdf
urlhttps://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38787.zip
version15.008.20082.15957
  • Trigger condition is a crafted PDF file with an invalid image processed by the PDF parser, leading to memory corruption. Flag suspicious PDF files opened in Acrobat Reader DC 15.008.20082.15957 on Windows.
  • Exploitation requires user interaction — monitor for Acrobat Reader DC processes spawning unexpected child processes after opening or previewing a PDF file.
  • ·CVE-2015-7622 is distinct from the fillColor-attribute memory corruption bugs (CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695) even though they share the same affected version ranges; ensure detections/signatures target the PDF image-parsing code path, not the fillColor attribute path.
  • ·The vulnerability affects Windows and OS X platforms across Acrobat/Reader 10.x before 10.1.16, 11.x before 11.0.13, DC Classic before 2015.006.30094, and DC Continuous before 2015.009.20069; scope detections accordingly.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.