CVE-2015-5097

Adobe Acrobat/Reader RCE via Integer Overflow (10.x<10.1.15, 11.x<11.0.12, DC<2015.006.30060/2015.008.20082)

Title source: llm

Description

Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5108 and CVE-2015-5109.

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1032892

Patch, Vendor Advisory x_refsource_confirm

https://helpx.adobe.com/security/products/reader/apsb15-15.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/75741

Scores

EPSS 0.1885

EPSS Percentile 96.9%

Details

CWE

CWE-190

Status published

Products (6)

adobe/acrobat 10.0 - 10.1.14

adobe/acrobat_dc 15.006.30033 - 15.006.30060

adobe/acrobat_dc 15.007.20033 - 15.008.20082

adobe/acrobat_reader 10.0 - 10.1.14

adobe/acrobat_reader_dc 15.006.30033 - 15.006.30060

adobe/acrobat_reader_dc 15.007.20033 - 15.008.20082

Published Jul 15, 2015

Tracked Since Feb 18, 2026