Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2015-4446

Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-5090 and CVE-2015-5106.

Published

2015-07-15T14:59:09.863

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-269
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application adobe acrobat < 10.1.15 Yes
Application adobe acrobat < 11.0.12 Yes
Application adobe acrobat_dc < 15.006.30060 Yes
Application adobe acrobat_dc < 15.008.20082 Yes
Application adobe acrobat_reader < 10.1.15 Yes
Application adobe acrobat_reader < 11.0.12 Yes
Application adobe acrobat_reader_dc < 15.006.30060 Yes
Application adobe acrobat_reader_dc < 15.008.20082 Yes
Operating System apple macos - No
Operating System microsoft windows - No
References