CVE-2014-8452

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
adobeacrobat_reader
10.0
adobeacrobat_reader
10.0.1
adobeacrobat_reader
10.0.2
adobeacrobat_reader
10.0.3
adobeacrobat_reader
10.1
adobeacrobat_reader
10.1.1
adobeacrobat_reader
10.1.2
adobeacrobat_reader
10.1.3
adobeacrobat_reader
10.1.4
adobeacrobat_reader
10.1.5
adobeacrobat_reader
10.1.6
adobeacrobat_reader
10.1.7
adobeacrobat_reader
10.1.8
adobeacrobat_reader
10.1.9
adobeacrobat_reader
10.1.10
adobeacrobat_reader
10.1.11
adobeacrobat_reader
10.1.12
adobeacrobat_reader
11.0.0
adobeacrobat_reader
11.0.01
adobeacrobat_reader
11.0.02
adobeacrobat_reader
11.0.03
adobeacrobat_reader
11.0.04
adobeacrobat_reader
11.0.05
adobeacrobat_reader
11.0.06
adobeacrobat_reader
11.0.07
adobeacrobat_reader
11.0.08
adobeacrobat_reader
11.0.09
applemac_os_x
*
microsoftwindows
*
adobeacrobat
10.0
adobeacrobat
10.0.1
adobeacrobat
10.0.2
adobeacrobat
10.0.3
adobeacrobat
10.1
adobeacrobat
10.1.1
adobeacrobat
10.1.2
adobeacrobat
10.1.3
adobeacrobat
10.1.4
adobeacrobat
10.1.5
adobeacrobat
10.1.6
adobeacrobat
10.1.7
adobeacrobat
10.1.8
adobeacrobat
10.1.9
adobeacrobat
10.1.10
adobeacrobat
10.1.11
adobeacrobat
10.1.12
adobeacrobat
11.0
adobeacrobat
11.0.1
adobeacrobat
11.0.2
adobeacrobat
11.0.3
adobeacrobat
11.0.4
adobeacrobat
11.0.5
adobeacrobat
11.0.6
adobeacrobat
11.0.7
adobeacrobat
11.0.8
adobeacrobat
11.0.9
applemac_os_x
*
microsoftwindows
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://helpx.adobe.com/security/products/reader/apsb14-28.html
http://helpx.adobe.com/security/products/reader/apsb14-28.html