CVE-2014-9150

Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568.
Race Condition
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
adobeacrobat_reader
𝑥
≤ 11.0.8
adobeacrobat_reader
11.0
adobeacrobat_reader
11.0.1
adobeacrobat_reader
11.0.2
adobeacrobat_reader
11.0.3
adobeacrobat_reader
11.0.4
adobeacrobat_reader
11.0.5
adobeacrobat_reader
11.0.6
adobeacrobat_reader
11.0.7
adobeacrobat
𝑥
≤ 11.0.8
adobeacrobat
11.0
adobeacrobat
11.0.1
adobeacrobat
11.0.2
adobeacrobat
11.0.3
adobeacrobat
11.0.4
adobeacrobat
11.0.5
adobeacrobat
11.0.6
adobeacrobat
11.0.7
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://helpx.adobe.com/security/products/reader/apsb14-28.html
https://code.google.com/p/google-security-research/issues/detail?id=103
http://helpx.adobe.com/security/products/reader/apsb14-28.html
https://code.google.com/p/google-security-research/issues/detail?id=103