Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Acrobat_dc | Adobe | * | 15.006.30097 (including) |
Acrobat_dc | Adobe | * | 15.009.20077 (including) |
Acrobat_reader_dc | Adobe | * | 15.006.30097 (including) |
Acrobat_reader_dc | Adobe | * | 15.009.20077 (including) |