CVE-2015-6714

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions (affected versions not specified) Adobe Acrobat Document Cloud versions (affected versions not specified) Adobe Reader versions (affected versions not specified) Adobe Reader Document Cloud versions (affected versions not specified)

Description The issue is related to the implementation of the Function bind in Adobe PDF editing and viewing software, which is associated with insufficient access restrictions to certain features. This can allow a remote attacker to bypass JavaScript execution restrictions.

Recommendations For Adobe Acrobat, consider restricting access to the Function bind until a patch is available. For Adobe Acrobat Document Cloud, avoid using the JavaScript API in sensitive environments until the issue is resolved. For Adobe Reader, restrict the execution of JavaScript code from untrusted sources as a temporary mitigation measure. For Adobe Reader Document Cloud, limit the use of the JavaScript API to necessary operations only until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.