Skip to main content
CVE-2015-6692 MEDIUM PATCH This Month

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Adobe Buffer Overflow Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.3%
CVE-2015-7624 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-6706 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-6705 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-6700 MEDIUM PATCH This Month

The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-7371 MEDIUM This Month

Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, which allows remote attackers to run the Maintenance Priority Engine and possibly cause a denial of service (resource. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service PHP Privilege Escalation Revive Adserver
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-5583 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
3.0%
CVE-2015-6704 MEDIUM PATCH This Month

The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6703 MEDIUM PATCH This Month

The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6702 MEDIUM PATCH This Month

The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6701 MEDIUM PATCH This Month

The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6699 MEDIUM PATCH This Month

The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-7370 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Revive Adserver
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-7373 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Revive Adserver
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-7365 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Revive Adserver
NVD
CVSS 2.0
4.3
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy