CVE-2015-6703

Name of the Vulnerable Software and Affected Versions Adobe Acrobat and Adobe Acrobat Document Cloud versions (affected versions not specified) Adobe Reader and Adobe Reader Document Cloud versions (affected versions not specified)

Description The issue is related to the loadFlashMovie function in Adobe's PDF editing and viewing software, which has inadequate access control mechanisms. This can be exploited by a remote attacker to access protected information in the process memory by providing invalid arguments. A memory-leak issue in Adobe Acrobat and Reader allows attackers to affect the system.

Recommendations For Adobe Acrobat and Adobe Acrobat Document Cloud, update to a version that addresses the loadFlashMovie function issue. For Adobe Reader and Adobe Reader Document Cloud, update to a version that addresses the loadFlashMovie function issue. As a temporary workaround, consider disabling the loadFlashMovie function until a patch is available.