CVE-2015-6699

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions (affected versions not specified) Adobe Acrobat Document Cloud versions (affected versions not specified) Adobe Reader versions (affected versions not specified) Adobe Reader Document Cloud versions (affected versions not specified)

Description The issue is related to the addForegroundSprite function in Adobe's PDF editing and viewing software, which has inadequate access control mechanisms. This can be exploited by a remote attacker to access protected information in the process memory by providing invalid arguments. A memory-leak issue in Adobe Acrobat and Reader allows attackers to affect the system.

Recommendations For Adobe Acrobat, update to a version that addresses the addForegroundSprite function issue. For Adobe Acrobat Document Cloud, restrict access to the addForegroundSprite function until a patch is available. For Adobe Reader, avoid using the addForegroundSprite function in sensitive operations until the issue is resolved. For Adobe Reader Document Cloud, consider disabling the addForegroundSprite function as a temporary workaround until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.