QwikSec

Security Database

CVE

CWE

Training

CVE-2014-0568

Published: Sep 17, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://helpx.adobe.com/security/products/reader/apsb14-20.html

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

https://code.google.com/p/google-security-research/issues/detail?id=94

x_refsource_MISC

adobe-reader-cve20140568-sec-bypass(96000)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.