CVE-2014-0496 - OpenCVE

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Adobe	Acrobat
Apple	Mac Os X
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat::::::::

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:microsoft:windows::::::::

No data.

References

Link	Providers
http://helpx.adobe.com/security/products/acrobat/apsb14-01.html
http://www.securitytracker.com/id/1029604

History

No history.

MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2014-01-15T02:00:00

Updated: 2024-08-06T09:20:19.341Z

Reserved: 2013-12-20T00:00:00

Link: CVE-2014-0496

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-01-15T16:13:04.100

Modified: 2018-12-13T15:50:55.103

Link: CVE-2014-0496

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-30T19:57:02", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "1029604", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029604"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2014-0496", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1029604", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029604"}, {"name": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html", "refsource": "CONFIRM", "url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:20:19.341Z"}, "title": "CVE Program Container", "references": [{"name": "1029604", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1029604"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2014-0496", "datePublished": "2014-01-15T02:00:00", "dateReserved": "2013-12-20T00:00:00", "dateUpdated": "2024-08-06T09:20:19.341Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"cisaActionDue": "2022-03-24", "cisaExploitAdd": "2022-03-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Adobe Reader and Acrobat Use-After-Free Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "matchCriteriaId": "93FD4A65-ED2D-46CB-8E9D-0D1A08315985", "versionEndExcluding": "10.1.9", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "matchCriteriaId": "34C0535A-C32C-4365-932A-48F9610B5293", "versionEndExcluding": "11.0.6", "versionStartIncluding": "11.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de uso despues de liberaci\u00f3n en Adobe Reader y Acrobat 10.x anteriores a 10.1.9 y 11.x anteriores a 11.0.06 en Windows y mac OS X permite a los atacantes ejecutar c\u00f3digo de forma arbitraria a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-0496", "lastModified": "2018-12-13T15:50:55.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-15T16:13:04.100", "references": [{"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "http://helpx.adobe.com/security/products/acrobat/apsb14-01.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1029604"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}