N/A
CVE-2014-9150
Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568.
EPSS
1.8%
percentile 83.0%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| adobe | acrobat_reader | Windows | — | cpe:2.3:a:adobe:acrobat_reader:11.0.5:-:*:*:*:windows:*:* |