Vulnerability Description
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3066, CVE-2015-3067, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | 10.1.0 |
| Apple | Mac Os X | All versions |
| Microsoft | Windows | All versions |
| Adobe | Acrobat Reader | 10.1.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/74604Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032284Third Party AdvisoryVDB Entry
- http://www.zerodayinitiative.com/advisories/ZDI-15-202Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/reader/apsb15-10.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/74604Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032284Third Party AdvisoryVDB Entry
- http://www.zerodayinitiative.com/advisories/ZDI-15-202Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/reader/apsb15-10.htmlPatchVendor Advisory
FAQ
What is CVE-2015-3068?
CVE-2015-3068 is a vulnerability with a CVSS score of 10.0 (HIGH). Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a differen...
How severe is CVE-2015-3068?
CVE-2015-3068 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3068?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Apple Mac Os X, Microsoft Windows, Adobe Acrobat Reader.