The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x prior to 10.1.12 and 11.x prior to 11.0.09 on Windows allows malicious users to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
adobe acrobat_reader 11.0 |
||
adobe acrobat_reader 11.0.1 |
||
adobe acrobat_reader 11.0.8 |
||
adobe acrobat_reader 10.0 |
||
adobe acrobat_reader 10.1.4 |
||
adobe acrobat_reader 10.1.5 |
||
adobe acrobat_reader 11.0.6 |
||
adobe acrobat_reader 11.0.7 |
||
adobe acrobat_reader 10.1.1 |
||
adobe acrobat_reader 10.1.2 |
||
adobe acrobat_reader 10.1.3 |
||
adobe acrobat_reader 10.1.10 |
||
adobe acrobat_reader 10.1.11 |
||
adobe acrobat_reader 11.0.4 |
||
adobe acrobat_reader 11.0.5 |
||
adobe acrobat_reader 10.0.3 |
||
adobe acrobat_reader 10.1 |
||
adobe acrobat_reader 10.1.8 |
||
adobe acrobat_reader 10.1.9 |
||
adobe acrobat_reader 11.0.2 |
||
adobe acrobat_reader 11.0.3 |
||
adobe acrobat_reader 10.0.1 |
||
adobe acrobat_reader 10.0.2 |
||
adobe acrobat_reader 10.1.6 |
||
adobe acrobat_reader 10.1.7 |
||
adobe acrobat 10.0.2 |
||
adobe acrobat 10.0.3 |
||
adobe acrobat 10.0.1 |
||
adobe acrobat 10.1.5 |
||
adobe acrobat 10.1.6 |
||
adobe acrobat 11.0.1 |
||
adobe acrobat 11.0.2 |
||
adobe acrobat 10.0 |
||
adobe acrobat 10.1.2 |
||
adobe acrobat 10.1.3 |
||
adobe acrobat 10.1.4 |
||
adobe acrobat 10.1.11 |
||
adobe acrobat 11.0 |
||
adobe acrobat 11.0.7 |
||
adobe acrobat 11.0.8 |
||
adobe acrobat 10.1.7 |
||
adobe acrobat 10.1.8 |
||
adobe acrobat 11.0.3 |
||
adobe acrobat 11.0.4 |
||
adobe acrobat 10.1 |
||
adobe acrobat 10.1.1 |
||
adobe acrobat 10.1.9 |
||
adobe acrobat 10.1.10 |
||
adobe acrobat 11.0.5 |
||
adobe acrobat 11.0.6 |
Vulmon