CVE-2014-0496
KEV
🔴 Łataj teraz
Wykorzystanie błędu use-after-free w Adobe Reader umożliwia zdalne wykonanie kodu.
CVSS
8.8
EPSS
66.3%
Exploit
weaponized
Vendor
adobe
Opis źródłowy (NVD)
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
brak
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 8.8 |
| CISA KEV (aktywnie wykorzystywane) | Tak |
| FIRST EPSS (prawdopodobieństwo exploita) | 66.3% |
| Opublikowano (NVD) | 2014-01-15 16:13:04 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-21 21:11:38 UTC |
Referencje
- http://helpx.adobe.com/security/products/acrobat/apsb14-01.html (psirt@adobe.com) [Vendor Advisory]
- http://www.securitytracker.com/id/1029604 (psirt@adobe.com) [Third Party Advisory, VDB Entry]
- https://github.com/cisagov/vulnrichment/issues/199 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [Issue Tracking]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-0496 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]