CVE-2015-6697

Adobe Acrobat < 10.1.15 - Resource Leak

Title source: rule

Description

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a different vulnerability than CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704.

References (3)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1033796

[Third Party Advisory, VDB Entry] http://www.zerodayinitiative.com/advisories/ZDI-15-475

[Patch, Vendor Advisory] https://helpx.adobe.com/security/products/acrobat/apsb15-24.html

Scores

EPSS 0.0169

EPSS Percentile 82.0%

Classification

CWE

CWE-772

Status draft

Affected Products (6)

adobe/acrobat < 10.1.15

adobe/acrobat_dc < 15.006.30094

adobe/acrobat_dc < 15.009.20069

adobe/acrobat_reader < 10.1.15

adobe/acrobat_reader_dc < 15.006.30094

adobe/acrobat_reader_dc < 15.009.20069

Timeline

Published Oct 14, 2015

Tracked Since Feb 18, 2026