CVE-2014-0568

The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
adobeacrobat_reader
10.0
adobeacrobat_reader
10.0.1
adobeacrobat_reader
10.0.2
adobeacrobat_reader
10.0.3
adobeacrobat_reader
10.1
adobeacrobat_reader
10.1.1
adobeacrobat_reader
10.1.2
adobeacrobat_reader
10.1.3
adobeacrobat_reader
10.1.4
adobeacrobat_reader
10.1.5
adobeacrobat_reader
10.1.6
adobeacrobat_reader
10.1.7
adobeacrobat_reader
10.1.8
adobeacrobat_reader
10.1.9
adobeacrobat_reader
10.1.10
adobeacrobat_reader
10.1.11
adobeacrobat_reader
11.0
adobeacrobat_reader
11.0.1
adobeacrobat_reader
11.0.2
adobeacrobat_reader
11.0.3
adobeacrobat_reader
11.0.4
adobeacrobat_reader
11.0.5
adobeacrobat_reader
11.0.6
adobeacrobat_reader
11.0.7
adobeacrobat_reader
11.0.8
adobeacrobat
10.0
adobeacrobat
10.0
adobeacrobat
10.0.1
adobeacrobat
10.0.1
adobeacrobat
10.0.2
adobeacrobat
10.0.3
adobeacrobat
10.1
adobeacrobat
10.1.1
adobeacrobat
10.1.2
adobeacrobat
10.1.3
adobeacrobat
10.1.4
adobeacrobat
10.1.5
adobeacrobat
10.1.6
adobeacrobat
10.1.7
adobeacrobat
10.1.8
adobeacrobat
10.1.9
adobeacrobat
10.1.10
adobeacrobat
10.1.11
adobeacrobat
11.0
adobeacrobat
11.0.1
adobeacrobat
11.0.2
adobeacrobat
11.0.3
adobeacrobat
11.0.4
adobeacrobat
11.0.5
adobeacrobat
11.0.6
adobeacrobat
11.0.7
adobeacrobat
11.0.8
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acroread
trusty
dne
precise
not-affected
lucid
not-affected
References
http://helpx.adobe.com/security/products/reader/apsb14-20.html
http://www.securityfocus.com/bid/69828
http://www.securitytracker.com/id/1030853
https://code.google.com/p/google-security-research/issues/detail?id=94
https://exchange.xforce.ibmcloud.com/vulnerabilities/96000
http://helpx.adobe.com/security/products/reader/apsb14-20.html
http://www.securityfocus.com/bid/69828
http://www.securitytracker.com/id/1030853
https://code.google.com/p/google-security-research/issues/detail?id=94
https://exchange.xforce.ibmcloud.com/vulnerabilities/96000