OpenCVE

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a different vulnerability than CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Adobe	Acrobat Acrobat Dc Acrobat Reader Acrobat Reader Dc
Apple	Macos
Microsoft	Windows

Configuration 1 [-]

AND

OR	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat_dc:::::classic:::*
	cpe:2.3:a:adobe:acrobat_dc:::::continuous:::*
	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader_dc:::::classic:::*
	cpe:2.3:a:adobe:acrobat_reader_dc:::::continuous:::*

OR	cpe:2.3:o:apple:macos:-:::::::*
	cpe:2.3:o:microsoft:windows:-:::::::*

No data.

References

Link	Providers
http://www.securitytracker.com/id/1033796
http://www.zerodayinitiative.com/advisories/ZDI-15-475
https://helpx.adobe.com/security/products/acrobat/apsb15-24.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2015-10-14T23:00:00

Updated: 2024-08-06T07:29:24.366Z

Reserved: 2015-08-26T00:00:00

Link: CVE-2015-6697

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-10-14T23:59:19.300

Modified: 2024-11-21T02:35:27.837

Link: CVE-2015-6697

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a different vulnerability than CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-06T18:57:01", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"}, {"name": "1033796", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1033796"}, {"tags": ["x_refsource_MISC"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-475"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2015-6697", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a different vulnerability than CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"}, {"name": "1033796", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033796"}, {"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-475", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-475"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:29:24.366Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"}, {"name": "1033796", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1033796"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-475"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2015-6697", "datePublished": "2015-10-14T23:00:00", "dateReserved": "2015-08-26T00:00:00", "dateUpdated": "2024-08-06T07:29:24.366Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "matchCriteriaId": "51326A26-C718-4D3A-B43B-00D32D0AF530", "versionEndIncluding": "10.1.15", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "matchCriteriaId": "B79BB301-C637-441A-AB91-DF59FE90C4F7", "versionEndIncluding": "11.0.12", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*", "matchCriteriaId": "8A0D144B-74E2-44FF-9910-47092166D809", "versionEndExcluding": "15.006.30094", "versionStartIncluding": "15.006.30060", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", "matchCriteriaId": "40FAFBDF-582F-47A3-846E-C9404B035DFD", "versionEndExcluding": "15.009.20069", "versionStartIncluding": "15.008.20082", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7815802-4A3C-486D-9DEA-9B016E6BC7F5", "versionEndIncluding": "10.1.15", "versionStartIncluding": "10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "matchCriteriaId": "E461CC16-7FDB-4A0A-96BF-315485266832", "versionEndIncluding": "11.0.12", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*", "matchCriteriaId": "782E2B5E-1BDF-42ED-9B41-C58EFB0E6231", "versionEndExcluding": "15.006.30094", "versionStartIncluding": "15.006.30060", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", "matchCriteriaId": "AFDEB9E8-1AF3-4510-A2CB-AA2ED9AA1D30", "versionEndExcluding": "15.009.20069", "versionStartIncluding": "15.008.20082", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to obtain sensitive information about color objects from process memory by reading a light object's RGB data, a different vulnerability than CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704."}, {"lang": "es", "value": "Adobe Reader y Acrobat 10.x en versiones anteriores a 10.1.16 y 11.x en versiones anteriores a 11.0.13, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 2015.006.30094 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 2015.009.20069 en Windows y OS X permite a atacantes obtener informaci\u00f3n sensible sobre objetos color desde la memoria de proceso mediante la lectura de datos RGB de un objeto light, una vulnerabilidad diferente a CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703 y CVE-2015-6704."}], "id": "CVE-2015-6697", "lastModified": "2024-11-21T02:35:27.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2015-10-14T23:59:19.300", "references": [{"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033796"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-475"}, {"source": "psirt@adobe.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1033796"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-475"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-772"}], "source": "nvd@nist.gov", "type": "Primary"}]}