CVE-2015-6701

Adobe Acrobat < 10.1.15 - Resource Leak

Title source: rule

Description

The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704.

References (3)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1033796

[Third Party Advisory, VDB Entry] http://www.zerodayinitiative.com/advisories/ZDI-15-479

[Patch, Vendor Advisory] https://helpx.adobe.com/security/products/acrobat/apsb15-24.html

Scores

EPSS 0.0210

EPSS Percentile 83.8%

Classification

CWE

CWE-772

Status draft

Affected Products (6)

adobe/acrobat < 10.1.15

adobe/acrobat_dc < 15.006.30094

adobe/acrobat_dc < 15.009.20069

adobe/acrobat_reader < 10.1.15

adobe/acrobat_reader_dc < 15.006.30094

adobe/acrobat_reader_dc < 15.009.20069

Timeline

Published Oct 14, 2015

Tracked Since Feb 18, 2026