HTTP: Adobe Reader API Call Handling Arbitrary Code Execution
This signature detects attempts to exploit a known vulnerability against Adobe Reader API. A successful attack can lead to memory corruption and arbitrary code execution.
Extended Description
The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls.
Short Name
HTTP:STC:ADOBE:READER-API-CE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
API Adobe Arbitrary CVE-2014-0525 Call Code Execution Handling Reader bid:67365
Release Date
05/22/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
CVSS Score
10.0