The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704.
References
Link | Resource |
---|---|
http://www.securitytracker.com/id/1033796 | Third Party Advisory VDB Entry |
http://www.zerodayinitiative.com/advisories/ZDI-15-477 | Third Party Advisory VDB Entry |
https://helpx.adobe.com/security/products/acrobat/apsb15-24.html | Patch Vendor Advisory |
http://www.securitytracker.com/id/1033796 | Third Party Advisory VDB Entry |
http://www.zerodayinitiative.com/advisories/ZDI-15-477 | Third Party Advisory VDB Entry |
https://helpx.adobe.com/security/products/acrobat/apsb15-24.html | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:35
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securitytracker.com/id/1033796 - Third Party Advisory, VDB Entry | |
References | () http://www.zerodayinitiative.com/advisories/ZDI-15-477 - Third Party Advisory, VDB Entry | |
References | () https://helpx.adobe.com/security/products/acrobat/apsb15-24.html - Patch, Vendor Advisory |
Information
Published : 2015-10-14 23:59
Updated : 2024-11-21 02:35
NVD link : CVE-2015-6699
Mitre link : CVE-2015-6699
CVE.ORG link : CVE-2015-6699
JSON object : View
Products Affected
adobe
- acrobat
- acrobat_dc
- acrobat_reader
- acrobat_reader_dc
apple
- macos
microsoft
- windows
CWE
CWE-772
Missing Release of Resource after Effective Lifetime