VIR Vulnerability Intelligence Relay

CVE-2015-7622

critical
Published 2015-10-14 ยท Modified 2026-05-06
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
10.0

Description

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, and CVE-2015-6695.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-38787 dos windows text ยท 2 KB
Francis Provencher ยท 2015-11-23

Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption

text exploit Source: Exploit-DB 
#####################################################################################

Application:   Acrobat Reader DC

Platforms:   Windows

Versions:   15.008.20082.15957

CVE:   CVE-2015-7622

Author:   Francis Provencher of COSIG

Twitter:   @COSIG_

 

#####################################################################################

1) Introduction
2) Report Timeline
3) Technical details
4) POC

#####################################################################################

===============
1) Introduction
===============

Adobe Acrobat is a family of application software and Web services developed by Adobe Systems to view, create, manipulate, print and manage files in Portable Document Format (PDF).[14]

The family comprises Acrobat Reader (formerly Adobe Reader), Acrobat (formerly Acrobat Exchange) and Acrobat.com. Thefreeware Acrobat Reader, available for several desktop and mobile platforms, can view, print and annotate PDF files.[15] Thecommercial proprietary Acrobat, available for Microsoft Windows and OS X only, can also create, edit, convert, digitally sign, encrypt, export and publish PDF files. Acrobat.com complements the family with a variety of enterprise content managementand file hosting services.

(https://en.wikipedia.org/wiki/Adobe_Acrobat)

#####################################################################################

============================
2) Report Timeline
============================

2015-08-09: Francis Provencher of COSIG found the issue;
2015-08-11: Francis Provencher of COSIG report vulnerability to PSIRT;
2015-10-13: Adobe release a patch (APSB15-24)

#####################################################################################

============================
3) Technical details
============================

An error in the the PDF parser, could lead to a memory corruption when processing a crafted PDF with an invalid image.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening or previewing a malicious file.

#####################################################################################

===========

4) POC

===========

http://protekresearchlab.com/exploits/COSIG-2015-001.pdf
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38787.zip

###############################################################################

OS impact
macos macOS Fixed 1 release
VersionStatusFixed in
- Not affected โ€”

Application impact
VendorProductVersionsFixed
adobe adobeacrobat{"startIncluding":"10.0","endIncluding":"10.1.15"}
adobe adobeacrobat_dc{"startIncluding":"15.006.30060","endExcluding":"15.006.30094"}15.006.30094
adobe adobeacrobat_reader{"startIncluding":"10.0","endIncluding":"10.1.15"}
adobe adobeacrobat_reader_dc{"startIncluding":"15.006.30060","endExcluding":"15.006.30094"}15.006.30094

References

CWEs

CWE-119

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.