Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2015-6685

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) by using the Format action for unspecified fields, a different vulnerability than CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622.

Published

2015-10-14T23:59:06.530

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-119
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application adobe acrobat ≤ 10.1.15 Yes
Application adobe acrobat ≤ 11.0.12 Yes
Application adobe acrobat_dc < 15.006.30094 Yes
Application adobe acrobat_dc < 15.009.20069 Yes
Application adobe acrobat_reader ≤ 10.1.15 Yes
Application adobe acrobat_reader ≤ 11.0.12 Yes
Application adobe acrobat_reader_dc < 15.006.30094 Yes
Application adobe acrobat_reader_dc < 15.009.20069 Yes
Operating System apple macos - No
Operating System microsoft windows - No
References