CVE-2015-5086
First published: Wed Jul 15 2015(Updated: )
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-4435, CVE-2015-4438, CVE-2015-4441, CVE-2015-4445, CVE-2015-4447, CVE-2015-4451, CVE-2015-4452, and CVE-2015-5085.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader | >=10.0<=10.1.14 | |
| Adobe Acrobat Reader | >=11.0.0<=11.0.11 | |
| Adobe Acrobat | >=15.006.30033<15.006.30060 | |
| Adobe Acrobat | >=15.007.20033<15.008.20082 | |
| Adobe Acrobat Reader | >=10.0<=10.1.14 | |
| Adobe Acrobat Reader | >=11.0.0<=11.0.11 | |
| Adobe Acrobat Reader | >=15.006.30033<15.006.30060 | |
| Adobe Acrobat Reader | >=15.007.20033<15.008.20082 | |
| Apple iOS and macOS | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-5086?
CVE-2015-5086 is classified as a critical vulnerability affecting Adobe Reader and Acrobat.
How do I fix CVE-2015-5086?
To fix CVE-2015-5086, update Adobe Reader or Acrobat to the latest version provided by Adobe.
Which versions are affected by CVE-2015-5086?
CVE-2015-5086 affects Adobe Reader and Acrobat versions before 10.1.15, 11.0.12, and various versions of Acrobat DC before 2015.006.30060 and 2015.008.20082.
What kind of attacks can exploit CVE-2015-5086?
CVE-2015-5086 can be exploited to bypass JavaScript API execution restrictions, allowing for potential unauthorized actions.
Is there a specific configuration required to exploit CVE-2015-5086?
No specific configuration is required; the vulnerability allows attackers to exploit the inherent weaknesses in the affected versions.
- agent/type
- agent/severity
- agent/references
- agent/remedy
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat reader
- version/adobe acrobat reader/10.0
- version/adobe acrobat reader/10.1.14
- version/adobe acrobat reader/11.0.0
- version/adobe acrobat reader/11.0.11
- canonical/adobe acrobat
- version/adobe acrobat/15.006.30033
- version/adobe acrobat/15.007.20033
- version/adobe acrobat reader/15.006.30033
- version/adobe acrobat reader/15.007.20033
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows