CVE ID: CVE-2015-7618 CVSS Score: 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P Affected Vendors: Adobe Affected Products: Acrobat Reader DC Vulnerability Details: - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. - The specific flaw exists within the CBAutoConfigCommentRepository method. - User interaction is required to exploit this vulnerability. Additional Details: An update was issued by Adobe to correct the vulnerability. More details can be found at: https://helpx.adobe.com/security/products/acrobat/apsb15-24.html Disclosure Timeline: - 2015-07-27 - Vulnerability reported to vendor - 2015-10-13 - Coordinated public release of advisory Credit: Matt Molinyawe and Jasiel Spelman of HP Zero Day Initiative