The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6704.
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Acrobat | Adobe | 10.0 (including) | 10.1.15 (including) |
Acrobat | Adobe | 11.0.0 (including) | 11.0.12 (including) |
Acrobat_dc | Adobe | 15.006.30060 (including) | 15.006.30094 (excluding) |
Acrobat_dc | Adobe | 15.008.20082 (including) | 15.009.20069 (excluding) |
Acrobat_reader | Adobe | 10.0 (including) | 10.1.15 (including) |
Acrobat_reader | Adobe | 11.0.0 (including) | 11.0.12 (including) |
Acrobat_reader_dc | Adobe | 15.006.30060 (including) | 15.006.30094 (excluding) |
Acrobat_reader_dc | Adobe | 15.008.20082 (including) | 15.009.20069 (excluding) |