CVE-2014-9150 - Vulnerability Details - OpenCVE

Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Adobe	Acrobat Acrobat Reader
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader:11.0:::::::*
	cpe:2.3:a:adobe:acrobat_reader:11.0.1:::::::*
	cpe:2.3:a:adobe:acrobat_reader:11.0.2:::::::*
	cpe:2.3:a:adobe:acrobat_reader:11.0.3:::::::*
	cpe:2.3:a:adobe:acrobat_reader:11.0.4:::::::*
	cpe:2.3:a:adobe:acrobat_reader:11.0.5:-::::windows::*
	cpe:2.3:a:adobe:acrobat_reader:11.0.6:::::::*
	cpe:2.3:a:adobe:acrobat_reader:11.0.7:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat:11.0:::::::*
	cpe:2.3:a:adobe:acrobat:11.0.1:::::::*
	cpe:2.3:a:adobe:acrobat:11.0.2:::::::*
	cpe:2.3:a:adobe:acrobat:11.0.3:::::::*
	cpe:2.3:a:adobe:acrobat:11.0.4:::::::*
	cpe:2.3:a:adobe:acrobat:11.0.5:-::::windows::*
	cpe:2.3:a:adobe:acrobat:11.0.6:::::::*
	cpe:2.3:a:adobe:acrobat:11.0.7:::::::*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://helpx.adobe.com/security/products/reader/apsb14-28.html
https://code.google.com/p/google-security-research/issues/detail?id=103

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-11-30T02:00:00

Updated: 2024-08-06T13:33:13.595Z

Reserved: 2014-11-29T00:00:00

Link: CVE-2014-9150

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2014-11-30T02:59:00.087

Modified: 2025-04-12T10:46:40.837

Link: CVE-2014-9150

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-11-26T00:00:00", "descriptions": [{"lang": "en", "value": "Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-12-10T20:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"}, {"tags": ["x_refsource_MISC"], "url": "https://code.google.com/p/google-security-research/issues/detail?id=103"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-9150", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://helpx.adobe.com/security/products/reader/apsb14-28.html", "refsource": "CONFIRM", "url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"}, {"name": "https://code.google.com/p/google-security-research/issues/detail?id=103", "refsource": "MISC", "url": "https://code.google.com/p/google-security-research/issues/detail?id=103"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:33:13.595Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://code.google.com/p/google-security-research/issues/detail?id=103"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-9150", "datePublished": "2014-11-30T02:00:00", "dateReserved": "2014-11-29T00:00:00", "dateUpdated": "2024-08-06T13:33:13.595Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE2C8B96-BA70-45B5-B24F-2DE4E6DD1BD0", "versionEndIncluding": "11.0.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "3597B29D-1871-460A-A128-86C6BB777F36", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E72C3C61-511E-4977-B029-70277C68E24D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "47478166-EE66-4837-A6C0-0A519F9EDD26", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C4E8E909-3277-429B-9CB2-973A606BB4A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1F0F0C4-0008-452E-99F5-6264465C3FFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0.5:-:*:*:*:windows:*:*", "matchCriteriaId": "FB938F41-0273-4028-897D-00E95D56A7C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "A48CD244-BCF6-4D0F-B07D-44304493BCFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:11.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "86A84BB0-85D3-47E8-BC90-291E8C2CCEEC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EC17E7F-EFFD-4779-AA28-F454DD3C8B2B", "versionEndIncluding": "11.0.8", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "10D5B006-F8CD-4B51-A5B6-A282C95C6C19", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "51C67ABD-5800-46DD-9E81-2A586698BC90", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9FF4675-A9FF-4B0F-BBC6-D29B6324D27D", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "76CE9DE1-FFB6-483B-A76C-38819C1407B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "AA71918B-F2B2-442B-AA12-3E16759B0674", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0.5:-:*:*:*:windows:*:*", "matchCriteriaId": "693776A0-D3AA-4BF3-B8C2-DD76AC6DB1FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "3BBFA7D7-1A9E-4751-A14A-62C2DB2672A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:11.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "106D9571-59BF-4056-B7CD-F70FC3F1B73B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568."}, {"lang": "es", "value": "Condici\u00f3n de carrera en la caracteristica 'MoveFileEx call hook' en Adobe Reader and Acrobat 11.x anterior a 11.0.09 en Windows permite a atacantes remotos evadir el mecanismo de protecci\u00f3n de sandbox, y como consecuencia escribir a ficheros en localizaciones arbitrarias, a trav\u00e9s de un ataque de uni\u00f3n NTFS, un problema similar a CVE-2014-0568."}], "id": "CVE-2014-9150", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-11-30T02:59:00.087", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"}, {"source": "cve@mitre.org", "url": "https://code.google.com/p/google-security-research/issues/detail?id=103"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://helpx.adobe.com/security/products/reader/apsb14-28.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/google-security-research/issues/detail?id=103"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}