CVE-2014-0568

EUVD-2014-0599
The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
adobeacrobat_reader
10.0
adobeacrobat_reader
10.0.1
adobeacrobat_reader
10.0.2
adobeacrobat_reader
10.0.3
adobeacrobat_reader
10.1
adobeacrobat_reader
10.1.1
adobeacrobat_reader
10.1.2
adobeacrobat_reader
10.1.3
adobeacrobat_reader
10.1.4
adobeacrobat_reader
10.1.5
adobeacrobat_reader
10.1.6
adobeacrobat_reader
10.1.7
adobeacrobat_reader
10.1.8
adobeacrobat_reader
10.1.9
adobeacrobat_reader
10.1.10
adobeacrobat_reader
10.1.11
adobeacrobat_reader
11.0
adobeacrobat_reader
11.0.1
adobeacrobat_reader
11.0.2
adobeacrobat_reader
11.0.3
adobeacrobat_reader
11.0.4
adobeacrobat_reader
11.0.5
adobeacrobat_reader
11.0.6
adobeacrobat_reader
11.0.7
adobeacrobat_reader
11.0.8
adobeacrobat
10.0
adobeacrobat
10.0
adobeacrobat
10.0.1
adobeacrobat
10.0.1
adobeacrobat
10.0.2
adobeacrobat
10.0.3
adobeacrobat
10.1
adobeacrobat
10.1.1
adobeacrobat
10.1.2
adobeacrobat
10.1.3
adobeacrobat
10.1.4
adobeacrobat
10.1.5
adobeacrobat
10.1.6
adobeacrobat
10.1.7
adobeacrobat
10.1.8
adobeacrobat
10.1.9
adobeacrobat
10.1.10
adobeacrobat
10.1.11
adobeacrobat
11.0
adobeacrobat
11.0.1
adobeacrobat
11.0.2
adobeacrobat
11.0.3
adobeacrobat
11.0.4
adobeacrobat
11.0.5
adobeacrobat
11.0.6
adobeacrobat
11.0.7
adobeacrobat
11.0.8
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acroread
lucid
not-affected
precise
not-affected
trusty
dne
References
http://helpx.adobe.com/security/products/reader/apsb14-20.html
http://www.securityfocus.com/bid/69828
http://www.securitytracker.com/id/1030853
https://code.google.com/p/google-security-research/issues/detail?id=94
https://exchange.xforce.ibmcloud.com/vulnerabilities/96000
http://helpx.adobe.com/security/products/reader/apsb14-20.html
http://www.securityfocus.com/bid/69828
http://www.securitytracker.com/id/1030853
https://code.google.com/p/google-security-research/issues/detail?id=94
https://exchange.xforce.ibmcloud.com/vulnerabilities/96000