Vulnerability Details : CVE-2015-5096
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5098 and CVE-2015-5105.
Vulnerability category: OverflowMemory CorruptionExecute code
Products affected by CVE-2015-5096
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
- Adobe » Acrobat Dc » Continuous EditionVersions from including (>=) 15.007.20033 and before (<) 15.008.20082cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
- Adobe » Acrobat Dc » Classic EditionVersions from including (>=) 15.006.30033 and before (<) 15.006.30060cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
- Adobe » Acrobat Reader Dc » Classic EditionVersions from including (>=) 15.006.30033 and before (<) 15.006.30060cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
- Adobe » Acrobat Reader Dc » Continuous EditionVersions from including (>=) 15.007.20033 and before (<) 15.008.20082cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-5096
10.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-5096
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2015-5096
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5096
-
http://www.securitytracker.com/id/1032892
Adobe Acrobat/Reader Multiple Flaws Let Remote Users Obtain Potentially Sensitive Information, Gain Elevated Privileges, Execute Arbitrary Code, and Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
https://helpx.adobe.com/security/products/reader/apsb15-15.html
Adobe Security BulletinPatch;Vendor Advisory
Jump to