What is CVE-2014-0514?

CVE-2014-0514 is a vulnerability in Adobe Adobe_reader, classified under CWE-264. Published 2014-04-15.

Is CVE-2014-0514 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Adobe Adobe_reader

CVE-2014-0514

The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary code via a crafted PDF document, a related issue to CVE-2012-6636.

EPSS: 0.903 (99.6th percentile) — read the EPSS interpretation.

Affected products

Adobe Adobe_reader — versions 11.1.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

References

psirt@adobe.com (x_refsource_MISC)
66798 (vdb-entry, x_refsource_BID)
33791 (exploit, x_refsource_EXPLOIT-DB)
20140413 Adobe Reader for Android exposes insecure Javascript interfaces (mailing-list, x_refsource_BUGTRAQ)
105781 (x_refsource_OSVDB, vdb-entry)
psirt@adobe.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
32884 (exploit, x_refsource_EXPLOIT-DB)
20140413 Adobe Reader for Android exposes insecure Javascript interfaces (mailing-list, Exploit, x_refsource_FULLDISC)
psirt@adobe.com (Exploit, x_refsource_MISC)

Frequently asked questions

What is CVE-2014-0514?: CVE-2014-0514 is a vulnerability in Adobe Adobe_reader, classified under CWE-264. Published 2014-04-15.
Is CVE-2014-0514 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.