Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.


CVE-2014-8446 – Adobe Acrobat/Reader – Memory Corruption


Memory corruption vulnerability that could lead to code execution.

Vulnerability Description

A vulnerability, which was classified as critical, was found in Adobe Acrobat and Reader up to 11.0.09. This affects an unknown function. The manipulation with an unknown input leads to memory corruption. This is going to have an impact on confidentiality, integrity, and availability.It is possible to initiate the attack remotely. No form of authentication is needed for exploitation.





Adobe Reader 11.0.09
Adobe Reader 10.1.3
Adobe Reader 10.1.2
Adobe Reader 10.1.1
Adobe Reader 10.1
Adobe Reader 10.0.3
Adobe Reader 10.0.2
Adobe Reader 10.0.1
Adobe Reader 10.0
Adobe Acrobat 10.1.3
Adobe Acrobat 10.1.2
Adobe Acrobat 10.1.1
Adobe Acrobat 10.1
Adobe Acrobat 10.0.3
Adobe Acrobat 10.0.2
Adobe Acrobat 10.0.1
Adobe Acrobat 10.0

Disclosure Timeline

  1. 15 May 2014 – Reported to Vendor
  2. 16 May 2014 – Response received from Vendor
  3. 22 Oct 2014– CVE assigned
  4. 09 Dec 2014 – Advisory & Patch released


  1. Ashfaq Ansari

Technical details