JavaScript Privilege Escalation in Adobe Reader

CVE-2015-4451

  • Type: JavaScript Privilege Escalation in Adobe Reader
  • Severity: Medium
  • Affected products: Adobe Reader
  • CVE Reference: CVE-2015-4451

Timeline

  • 15/05/2015: Reported to Adobe
  • 03/07/2015: Adobe confirms issue has been fixed
  • 14/07/2015: Patch released by Adobe
  • 17/07/2015: Advisory released

A vulnerability was discovered in Adobe Reader that bypasses restrictions in the JavaScript API, allowing privileged JavaScript commands to be executed from an unprivileged context.

Description

Adobe Acrobat Reader is the most commonly used PDF viewer available for Windows and Mac.

The Adobe Reader JavaScript API has a privilege system in which a user must give permission before execution of privileged functions can occur.

It was found that the restrictions on the JavaScript API can be bypassed, which allows execution of privileged JavaScript functions.

Impact

A user who opened a PDF in which this vulnerability was used could be made to perform an undesired action automatically, such as connecting to a web site without being notified of this action.

Cause

It was possible to change the context of doc.requestPermission within the trusted ANSendApprovalToAuthorEnabled function to perform privileged JavaScript functions.
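A triage check for the identifiers named under Cause, as an added example that is not part of the original advisory or Adobe's code: it inflates Flate-encoded streams and normalises #xx name escapes, then reports whether a PDF carries JavaScript that mentions ANSendApprovalToAuthorEnabled or requestPermission. The function names, the sample PDF fragment and the marker script are constructed for illustration.

```python
import re
import zlib

# Identifiers named in the advisory's Cause section (Acrobat API spelling).
INDICATORS = (b"ANSendApprovalToAuthorEnabled", b"requestPermission")
# PDF dictionary keys that mark embedded JavaScript.
JS_KEYS = (b"/JS", b"/JavaScript")
STREAM_RE = re.compile(rb"stream\r?\n(.*?)endstream", re.DOTALL)
NAME_ESCAPE_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def decode_name_escapes(data: bytes) -> bytes:
    """Undo #xx escapes so '/J#61vaScript' reads as '/JavaScript'."""
    return NAME_ESCAPE_RE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def inflate_streams(data: bytes) -> list:
    """Return stream bodies, inflated where they are valid zlib data."""
    bodies = []
    for match in STREAM_RE.finditer(data):
        try:
            # decompressobj ignores the end-of-line bytes before 'endstream'.
            bodies.append(zlib.decompressobj().decompress(match.group(1)))
        except zlib.error:
            bodies.append(match.group(1))  # not Flate-encoded: keep raw bytes
    return bodies


def triage_pdf(data: bytes) -> dict:
    """Report whether a PDF carries JavaScript and which indicators it names."""
    structure = decode_name_escapes(data)
    haystack = b"\n".join([structure] + inflate_streams(data))
    return {
        "has_javascript": any(key in structure for key in JS_KEYS),
        "indicators": sorted(i.decode() for i in INDICATORS if i in haystack),
    }


def build_sample(script: bytes) -> bytes:
    """Constructed test input: a PDF fragment with one Flate-encoded script."""
    body = zlib.compress(script)
    return (b"%PDF-1.4\n1 0 obj\n<< /S /J#61vaScript /JS 2 0 R >>\nendobj\n"
            b"2 0 obj\n<< /Filter /FlateDecode /Length " + str(len(body)).encode()
            + b" >>\nstream\n" + body + b"\nendstream\nendobj\n")


if __name__ == "__main__":
    marker = b"// constructed marker: ANSendApprovalToAuthorEnabled, doc.requestPermission"
    print(triage_pdf(build_sample(marker)))
```

An empty result does not clear a file, since scripts stored behind other filters or string encodings are not decoded here.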

Interim Workaround

If it is not possible to update to the latest version of Adobe Reader, it is recommended that users disable the use of JavaScript in Adobe Reader. Further details can be found on the Adobe website: JavaScript Controls

Solution

It is recommended that users of Adobe Reader update to version 11.0.12.