← back
CVE-2014-0546

CVE-2014-0546

CVSS 8.8 HIGHEPSS 22.3%● KEV
In short

Adobe Reader and Acrobat versions 10.x (before 10.1.11) and 11.x (before 11.0.08) on Windows contain a flaw that allows attackers to escape the sandbox security boundary and run malicious code with elevated privileges. This is dangerous because the sandbox normally isolates PDFs from the rest of your system.

Technical detail

A sandbox bypass vulnerability in Adobe Reader/Acrobat 10.x and 11.x on Windows enables privilege escalation through unspecified attack vectors, allowing arbitrary native code execution in a privileged context. The vulnerability requires user interaction to open a malicious PDF and affects the sandbox isolation mechanism that contains untrusted content.

Summary generated and translated by AI from the official description.
Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://helpx.adobe.com/security/products/reader/apsb14-19.htmlhttps://github.com/cisagov/vulnrichment/issues/199https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0546http://www.securitytracker.com/id/1030711