VYPR
Unrated severityNVD Advisory· Published Sep 17, 2014· Updated Jun 17, 2026

CVE-2014-0568

CVE-2014-0568

Description

The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.

Affected products

54
  • Adobe Inc./Acrobat53 versions
    cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*+ 52 more
    • cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.0.1:-:pro:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.0:-:pro:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:10.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.5:-:*:*:*:windows:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat:11.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:10.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.5:-:*:*:*:windows:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:acrobat_reader:11.0.8:*:*:*:*:*:*:*
    • (no CPE)range: 10.x <10.1.12; 11.x <11.0.09
  • Range: 10.x <10.1.12; 11.x <11.0.09

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.