CVE-2015-6720

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions (affected versions not specified) Adobe Acrobat Document Cloud versions (affected versions not specified) Adobe Reader versions (affected versions not specified) Adobe Reader Document Cloud versions (affected versions not specified)

Description The issue is related to insufficient access restrictions to certain functions in Adobe Acrobat and Adobe Reader. It allows a remote attacker to bypass JavaScript execution restrictions.

Recommendations For Adobe Acrobat, consider disabling JavaScript execution until a patch is available. For Adobe Acrobat Document Cloud, restrict access to sensitive functions to minimize the risk of exploitation. For Adobe Reader, avoid using the ANRunSharedReviewEmailStep function in the affected API endpoint until the issue is resolved. For Adobe Reader Document Cloud, as a temporary workaround, consider disabling the execution of JavaScript code in PDF files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.