Vulnerability Description
Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | >= 10.0, < 10.1.11 |
| Adobe | Acrobat Reader | >= 10.0, < 10.1.11 |
| Microsoft | Windows | All versions |
References
- http://helpx.adobe.com/security/products/reader/apsb14-19.htmlPatchVendor Advisory
- http://www.securitytracker.com/id/1030711Broken LinkThird Party AdvisoryVDB Entry
- http://helpx.adobe.com/security/products/reader/apsb14-19.htmlPatchVendor Advisory
- http://www.securitytracker.com/id/1030711Broken LinkThird Party AdvisoryVDB Entry
- https://github.com/cisagov/vulnrichment/issues/199Issue Tracking
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-US Government Resource
FAQ
What is CVE-2014-0546?
CVE-2014-0546 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, ...
How severe is CVE-2014-0546?
CVE-2014-0546 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-0546?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat Reader, Microsoft Windows.