CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-0496

Known Exploited (CISA KEV)HIGH
8.8
CVSS Severity Score
EPSS Score40.3920%
EPSS Percentile93.19th
Published2014年1月15日
Last Modified2026年4月21日

Vulnerability Description

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

Affected Platforms (CPE)

📦
Adobe

Acrobat

>= 10.0 and < 10.1.9
📦
Adobe

Acrobat

>= 11.0 and < 11.0.6

References & Advisories

🔗 http://helpx.adobe.com/security/products/acrobat/apsb14-01.html
🔗 http://www.securitytracker.com/id/1029604
🔗 http://helpx.adobe.com/security/products/acrobat/apsb14-01.html
🔗 http://www.securitytracker.com/id/1029604
🔗 https://github.com/cisagov/vulnrichment/issues/199
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0496

関連する脆弱性情報

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...