Race condition vulnerability in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows sandbox bypass and arbitrary file write via MoveFileEx call hook feature.
CVE-2014-9150 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:P
Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568.
Learn more about our Web Application Penetration Testing UK.