Vulnerabilites related to adobe - reader
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062 y CVE-2016-1117."
}
],
"id": "CVE-2016-1040",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:04.003",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1048",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:13.363",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-296"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando parsea un registro no v\u00e1lido de datos privados Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11249",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.303",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader Acrobat en versiones anteriores a 11.0.18, Acrobat Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6943",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:12.100",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7016",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:57.267",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7000",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:29.893",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6968",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:39.797",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) cuando genera contenido empleando el motor de dise\u00f1o XFA. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11256",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.493",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 en Windows y OS X permiten a atacantes ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4119",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-26T19:59:00.117",
"references": [
{
"source": "psirt@adobe.com",
"url": "https://blog.fortinet.com/2016/06/06/analysis-of-use-after-free-vulnerability-cve-2016-4119-in-adobe-acrobat-and-reader"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://blog.fortinet.com/2016/06/06/analysis-of-use-after-free-vulnerability-cve-2016-4119-in-adobe-acrobat-and-reader"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-31 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97306 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97306 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | macos | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79C92CAE-E238-4450-A9D1-6AD35F006BD1",
"versionEndIncluding": "11.0.18",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A5543934-84E5-4927-850D-ADEFCE150E77",
"versionEndIncluding": "15.006.30244",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7D2CC936-AACB-42DA-95F6-C2567E209DF2",
"versionEndIncluding": "15.020.20042",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E23E66EF-B335-473B-8895-9F392B9FA1CE",
"versionEndIncluding": "15.006.30244",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "DCE94D04-159C-400F-B2E7-532BBFD1B1BB",
"versionEndIncluding": "15.020.20042",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0755CB59-C529-42FF-8CC3-0595D3B440EE",
"versionEndIncluding": "11.0.18",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader versiones 15.020.20042 y en versiones anteriores, 15.006.30244 y en versiones anteriores a 11.0.18 y versiones anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de renderizado. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3010",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-31T16:59:00.537",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97306"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el manejo del perfil de color en un archivo TIFF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2963",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:02.023",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-027"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1074",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:43.207",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-322"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-259/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcciones de memoria en el motor XSLT."
}
],
"id": "CVE-2017-3031",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.203",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-259/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1081",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:51.143",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1095",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:05.780",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-329"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4200",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:10.210",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-419"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:01
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7018.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7018."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017 y CVE-2016-7018."
}
],
"id": "CVE-2016-7019",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:01:02.333",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1064",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:31.173",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6974",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:46.500",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6967",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:38.747",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso explotable despu\u00e9s de la vulnerabilidad gratuita al manipular una estructura de datos interna. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3026",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.047",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1057",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:23.177",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-305"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7011",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:50.027",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-21 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7854.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7854."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852 y CVE-2016-7854."
}
],
"id": "CVE-2016-7853",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-21T17:59:03.230",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97550 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-271/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97550 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine\u0027s annotation-related API. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso explotable despu\u00e9s de la vulnerabilidad gratuita en la API de anotaci\u00f3n del motor de JavaScript. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3047",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.717",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-271/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to pixel block transfer. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to pixel block transfer. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con la transferencia de bloques de p\u00edxeles. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11248",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.273",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4209",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:18.527",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91711"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7006",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:42.230",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable relacionada con la manipulaci\u00f3n de representaci\u00f3n de objetos internos. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3025",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.017",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1049",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:14.567",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-297"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-24 07:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/95690 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95690 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de corrupci\u00f3n de memoria en el m\u00f3dulo de conversaci\u00f3n de im\u00e1genes relacionado con el an\u00e1lisis JPEG. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2972",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-24T07:59:00.257",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1082",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:52.547",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en el motor del analizador JPEG 2000."
}
],
"id": "CVE-2017-3021",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.890",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-255/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria al manejar un flujo de c\u00f3digo JPEG 2000."
}
],
"id": "CVE-2017-3029",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.157",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-255/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-586 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con el dibujado de cadenas de texto Unicode. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11217",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.413",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-586"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6940",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:08.517",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de entero en Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4210",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:19.447",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91710"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7008",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:45.460",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7004",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:38.253",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el motor XFA, relacionado con la funcionalidad de subformulario. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2951",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.397",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-022"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1119",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:27.937",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4202",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:12.087",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6979",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:51.767",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso despu\u00e9s de liberaci\u00f3n explotable despu\u00e9s de la vulnerabilidad XML Forms Architecture (XFA) relacionada con la funcionalidad del formulario de restablecimiento. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3014",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.703",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4098",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:50.090",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1054",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:20.143",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-302"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97549 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-265/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97549 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad explotable de desbordamiento de memoria din\u00e1mica en la conversi\u00f3n de im\u00e1genes, relacionada con el an\u00e1lisis de desplazamientos en archivos TIFF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3042",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.563",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-265/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-21 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7853.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7853."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852 y CVE-2016-7853."
}
],
"id": "CVE-2016-7854",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-21T17:59:04.310",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1112",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:23.343",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90510"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97548 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-260/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97548 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de desbordamiento de enteros explotable en el motor XFA (XML Forms Architecture), relacionado con la funcionalidad de dise\u00f1o. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3034",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.327",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-260/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4270.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4270."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes remotos ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268 y CVE-2016-4270."
}
],
"id": "CVE-2016-4269",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-26T19:59:05.837",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/92641"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-491"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6963",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:34.637",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de entero en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-1043",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:07.537",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90516"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-286"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:01
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-4255",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:01:00.347",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91714"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-420"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4208",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:17.650",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/40098/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40098/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6972",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:44.247",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con el renderizado de una ruta. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11214",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.350",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento de memoria din\u00e1mica explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el an\u00e1lisis de los metadatos de perfil de color. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2959",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.820",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-023"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6994.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6994."
},
{
"lang": "es",
"value": "Desbordamiento de buf\u00e9r basado en memoria din\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6994."
}
],
"id": "CVE-2016-6939",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:07.467",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93487"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-588/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el n\u00facleo del motor XFA. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11223",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.587",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-588/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-24 07:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/95690 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95690 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de desbordamiento de pila en el motor XSLT relacionada con la manipulaci\u00f3n de plantilla. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2970",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-24T07:59:00.177",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-577/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria que ocurre cuando se lee un archivo JPEG embebido en un archivo XML Paper Specification (XPS). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11209",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.227",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-577/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-22 14:30
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | reader | 8.0.0 | |
| adobe | reader | 8.1.1 | |
| adobe | reader | 8.1.2 | |
| adobe | reader | 8.1.4 | |
| adobe | reader | 8.1.5 | |
| adobe | reader | 8.1.6 | |
| adobe | reader | 8.1.7 | |
| adobe | reader | 9.0 | |
| adobe | reader | 9.1 | |
| adobe | reader | 9.1.1 | |
| adobe | reader | 9.1.2 | |
| adobe | reader | 9.1.3 | |
| adobe | reader | 9.2 | |
| adobe | acrobat | 8.0 | |
| adobe | acrobat | 8.1 | |
| adobe | acrobat | 8.1.1 | |
| adobe | acrobat | 8.1.2 | |
| adobe | acrobat | 8.1.3 | |
| adobe | acrobat | 8.1.4 | |
| adobe | acrobat | 8.1.5 | |
| adobe | acrobat | 8.1.6 | |
| adobe | acrobat | 8.1.7 | |
| adobe | acrobat | 9.0 | |
| adobe | acrobat | 9.1 | |
| adobe | acrobat | 9.1.1 | |
| adobe | acrobat | 9.1.2 | |
| adobe | acrobat | 9.1.3 | |
| adobe | acrobat | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:reader:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B749478C-54F5-43EA-A97E-9444E5A06130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "98BCBFB5-72DF-4B8A-8F4C-E958B4FAFB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71EB6E18-5764-4916-9ECA-F4E880672217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61151189-E24C-4AB6-BC60-B9AF720E3D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "97EFCA72-99DC-4CF0-9E01-D635F0E70D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1B65F7E5-05A4-45FC-BDC2-670166535721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "274E5B77-769B-4B84-8C84-5C9D3C46F638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "026B1CF8-28A2-415D-A240-C9DF774BF9DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE16943-CCD8-4A39-832F-F6ED3CF2936B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8041-A6AC-4B4B-840E-8FC62AD5974D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "42A1A800-D0CC-4593-A31A-EE308E63B454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51D39658-8C3F-4B05-AEDF-228C4047F8AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68371B9C-FC9D-41C8-BFF6-3F579A46ABC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A624D44-C135-4ED3-9BA4-F4F8A044850B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F55CC-3681-4A67-99D1-3F40447392D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el control ActiveX Atlcom.get_atlcom de gp.ocx de Adobe Download Manager, como el que se utiliza en Adobe Reader y Acrobat v8.x anterior a 8.2 y v9.x anterior a 9.3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante par\u00e1metros no especificados."
}
],
"id": "CVE-2010-1278",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-22T14:30:00.980",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Patch"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/archive/1/510868/100/0/threaded"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id?1023908"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-077/"
},
{
"source": "psirt@adobe.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/510868/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023908"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-077/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7500"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el motor de conversi\u00f3n de im\u00e1genes cuando descomprimen datos JPEG. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11235",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.947",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-1090.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/90513 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90513 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-1090."
},
{
"lang": "es",
"value": "Vulnerabilidad de b\u00fasqueda de ruta no confiable en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a usuarios locales obtener privilegios a trav\u00e9s de un recurso troyano en un directorio no especificado, una vulnerabilidad diferente a CVE-2016-1087 y CVE-2016-1090."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/426.html\"\u003eCWE-426: Untrusted Search Path\u003c/a\u003e",
"id": "CVE-2016-4106",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:59.387",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6977",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:49.810",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-10 16:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4095",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-10T16:59:00.160",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/94253"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94253"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6962",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:33.650",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-578/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad explotable de corrupci\u00f3n de memoria en el parseo de fuentes, en la que la fuente est\u00e1 embebida en un archivo XML Paper Specification (XPS). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11210",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.257",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-578/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con la transferencia de bloques de p\u00edxeles. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11271",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.897",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el m\u00f3dulo de parseo de formato de archivo picture exchange (PCX). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3124",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.913",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1127",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:36.373",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-4106.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-4106."
},
{
"lang": "es",
"value": "Vulnerabilidad de b\u00fasqueda de ruta no confiable en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a usuarios locales obtener privilegios a trav\u00e9s de un recurso troyano en un directorio no especificado, una vulnerabilidad diferente a CVE-2016-1087 y CVE-2016-4106."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/426.html\"\u003eCWE-426: Untrusted Search Path\u003c/a\u003e",
"id": "CVE-2016-1090",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:00.593",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90513"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1038, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062 y CVE-2016-1117."
}
],
"id": "CVE-2016-1039",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:02.647",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-290"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1090 and CVE-2016-4106.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1090 and CVE-2016-4106."
},
{
"lang": "es",
"value": "Vulnerabilidad de b\u00fasqueda de ruta no confiable en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a usuarios locales obtener privilegios a trav\u00e9s de un recurso troyano en un directorio no especificado, una vulnerabilidad diferente a CVE-2016-1090 y CVE-2016-4106."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/426.html\"\u003eCWE-426: Untrusted Search Path\u003c/a\u003e",
"id": "CVE-2016-1087",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:58.343",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90513"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4101",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:53.357",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-584 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con transformaciones bitmap. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11216",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.383",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4088",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:40.200",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7003",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:36.497",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4096",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:47.653",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97549 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-280/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97549 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad explotable de desbordamiento de memoria din\u00e1mica en JPEG 2000 que analiza la etiqueta de lista de fragmentos. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3055",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.953",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-280/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento de memoria din\u00e1mica explotable en el motor XSLT. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2949",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.273",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-005"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-006"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-007"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-008"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-009"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-011"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-012"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-013"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-015"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-016"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-017"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-018"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-019"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-020"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-028"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-029"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con las curvas Bezier. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3122",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.850",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con la transformaci\u00f3n de bloques de p\u00edxeles. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11244",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.180",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-587/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el motor de dise\u00f1o XFA. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11224",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.617",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-587/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6976",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:48.783",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062, and CVE-2016-1117.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062, and CVE-2016-1117."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062 y CVE-2016-1117."
}
],
"id": "CVE-2016-1044",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:08.630",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-291"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "E40A408B-E6BB-44C4-85D4-DB2055B2441F",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "17.009.20044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "19009758-09C7-479F-B43B-72C748934C5A",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "17.009.20044",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados JPEG Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11268",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.803",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 parsing module. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 parsing module. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el m\u00f3dulo de parseo JPEG 2000. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11251",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.367",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4252.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4252."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251 y CVE-2016-4252."
}
],
"id": "CVE-2016-4254",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:59.423",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6971",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:43.253",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7015",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:55.933",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el parser Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3121",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.820",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100187 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100187 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de revelaci\u00f3n de informaci\u00f3n cuando gestiona enlaces en un documento PDF."
}
],
"id": "CVE-2017-3115",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.540",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100187"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-10 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| psirt@adobe.com | http://www.securityfocus.com/bid/51350 | Broken Link, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| psirt@adobe.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615 | Third Party Advisory, Tool Signature | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51350 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615 | Third Party Advisory, Tool Signature |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A70868B3-F3C5-4DC0-9013-78E77F424109",
"versionEndIncluding": "10.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1F1816-CFFC-45BF-A193-35F4A07C2EF7",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C56F007-5F8E-4BDD-A803-C907BCC0AF55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E63E65B1-5E44-4ADD-A692-20877FA22057",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "314014C8-527A-4D6D-B9BF-30084178C9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45B31326-A27E-42EA-B8D6-FE7165111A55",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DE8E04-ACEC-4D43-B65C-C74C8020FB50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "758BD624-4D03-40C9-8F03-F0F9A7A5DE99",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0335CEAA-ED55-46AA-98D9-693733CDA68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAF5003-4BF0-4C1B-A153-9FC76D64CB44",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2303F4-5AD9-4863-A42B-FBB618AB73DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372."
},
{
"lang": "es",
"value": "Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2, en Windows y Mac OS X permite a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4370 y CVE-2011-4372."
}
],
"id": "CVE-2011-4373",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2012-01-10T21:55:03.637",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51350"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing JPEG data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de im\u00e1genes cuando parsea datos JPEG. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11246",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.243",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979 y CVE-2016-6993."
}
],
"id": "CVE-2016-6988",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:01.463",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing module. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing module. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el m\u00f3dulo de parseo de fuentes. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11237",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.007",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1055",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:21.223",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-303"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1129",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:38.357",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6942",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:11.033",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6944",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:13.290",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-257/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en el analizador de flujo de c\u00f3digo JPEG 2000."
}
],
"id": "CVE-2017-3032",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.267",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-257/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4090",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:42.090",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con la transferencia en bloque de p\u00edxeles. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11233",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.883",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6946",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:15.157",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-263/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en la funcionalidad de colaboraci\u00f3n."
}
],
"id": "CVE-2017-3043",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.593",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-263/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
],
"id": "CVE-2016-4267",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-26T19:59:03.633",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/92637"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-490"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-01-18 17:29
Modified
2024-11-21 03:51
Severity ?
Summary
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | 11.0.10 | |
| adobe | reader | 11.0.23 | |
| iskysoft | pdf_editor_6 | 6.4.2.3521 | |
| iskysoft | pdfelement6 | 6.8.0.3523 | |
| iskysoft | pdfelement6 | 6.8.4.3921 | |
| microsoft | windows | - | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | 11.0.10 | |
| adobe | reader | 11.0.23 | |
| iskysoft | pdf_editor_6 | 6.6.2.3315 | |
| iskysoft | pdf_editor_6 | 6.7.6.3399 | |
| iskysoft | pdfelement6 | 6.7.1.3355 | |
| iskysoft | pdfelement6 | 6.7.6.3399 | |
| apple | mac_os_x | - | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "F01FAB9E-7F95-4BD5-B524-F008637A1DCF",
"versionEndIncluding": "15.006.30457",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "8C9E9FC0-F0D7-4EA8-B232-FC8832AB51CD",
"versionEndIncluding": "19.008.20081",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "4E07B1BA-D23B-4AF8-88DA-E7C676F2FE17",
"versionEndIncluding": "17.011.30106",
"versionStartIncluding": "17.011.30056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "16FBD87F-B4BC-4EE1-8833-11E16142E3A3",
"versionEndIncluding": "15.006.30457",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "205830D0-E93E-45A6-9EC6-FCB93D4EF951",
"versionEndIncluding": "19.008.20081",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84DE8099-EC97-4F4B-B672-7ECBFFB4EA83",
"versionEndIncluding": "17.011.30106",
"versionStartIncluding": "17.011.30059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:11.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFA3D5B-0464-4A5B-AF66-BFE2A1B0A57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:11.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2FC6AA-CD20-4331-8347-5CD38DDA63E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:iskysoft:pdf_editor_6:6.4.2.3521:*:*:*:professional:*:*:*",
"matchCriteriaId": "9796785E-F5A4-4EB9-AE4C-3296449F0A27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.8.0.3523:*:*:*:professional:*:*:*",
"matchCriteriaId": "C6FE27B0-5187-441A-8824-211838C71F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.8.4.3921:*:*:*:professional:*:*:*",
"matchCriteriaId": "950C35B2-1B7F-495F-9947-0E992329954B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "8FB180E5-8772-4EE7-8A0D-3A1BC4BD5C02",
"versionEndIncluding": "15.006.30456",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "9A540D30-F192-41B2-A37E-D85A21363132",
"versionEndIncluding": "19.008.20080",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A3BE78D3-D0A2-425E-835C-9E095231958E",
"versionEndIncluding": "17.011.30105",
"versionStartIncluding": "17.011.30056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F292064-4175-485C-8D52-FD7DCC3E9D07",
"versionEndIncluding": "15.006.30456",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "17CD35B3-5C4B-486E-AAF0-23E6487C45DE",
"versionEndIncluding": "19.008.20080",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "524B36D5-26A7-4069-9786-B72120FB7309",
"versionEndIncluding": "17.011.30105",
"versionStartIncluding": "17.011.30059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:11.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFA3D5B-0464-4A5B-AF66-BFE2A1B0A57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:11.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2FC6AA-CD20-4331-8347-5CD38DDA63E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:iskysoft:pdf_editor_6:6.6.2.3315:*:*:*:professional:*:*:*",
"matchCriteriaId": "80241CB1-3BC7-4572-92A4-E348C50FAE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:iskysoft:pdf_editor_6:6.7.6.3399:*:*:*:professional:*:*:*",
"matchCriteriaId": "8336F6DF-0677-4AED-B062-0E7957A7A293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.7.1.3355:*:*:*:professional:*:*:*",
"matchCriteriaId": "1D3941F4-B294-4E22-A6FF-CF3085DF6C89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:iskysoft:pdfelement6:6.7.6.3399:*:*:*:professional:*:*:*",
"matchCriteriaId": "1A3DB79B-12A7-4E55-9499-36EED6688382",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "8FB180E5-8772-4EE7-8A0D-3A1BC4BD5C02",
"versionEndIncluding": "15.006.30456",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "9A540D30-F192-41B2-A37E-D85A21363132",
"versionEndIncluding": "19.008.20080",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A3BE78D3-D0A2-425E-835C-9E095231958E",
"versionEndIncluding": "17.011.30105",
"versionStartIncluding": "17.011.30056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F292064-4175-485C-8D52-FD7DCC3E9D07",
"versionEndIncluding": "15.006.30456",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "17CD35B3-5C4B-486E-AAF0-23E6487C45DE",
"versionEndIncluding": "19.008.20080",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "524B36D5-26A7-4069-9786-B72120FB7309",
"versionEndIncluding": "17.011.30105",
"versionStartIncluding": "17.011.30059",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure."
},
{
"lang": "es",
"value": "Adobe Acrobat y Adobe Reader, en las versiones 2019.008.20081 y anteriores, en las 2019.008.20080 y anteriores, en las 2019.008.20081 y anteriores, en las 2017.011.30106 y anteriores, en las 2017.011.30105 y anteriores, en las 2015.006.30457 y anteriores y en las 2015.006.30456 y anteriores, podr\u00edan tener una vulnerabilidad omisi\u00f3n de seguridad. Su explotaci\u00f3n con \u00e9xito podr\u00eda resultar en una divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2018-16042",
"lastModified": "2024-11-21T03:51:59.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-18T17:29:31.230",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106159"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://pdf-insecurity.org/signature/evaluation_2018.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://pdf-insecurity.org/signature/signature.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://pdf-insecurity.org/signature/evaluation_2018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://pdf-insecurity.org/signature/signature.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, and CVE-2016-4270.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, and CVE-2016-4270."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes remotos ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, y CVE-2016-4270."
}
],
"id": "CVE-2016-4268",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-26T19:59:04.930",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/92643"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-492"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100181 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100181 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de confusi\u00f3n de tipo en el motor de dise\u00f1o XFA. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11257",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.523",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4199",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:09.290",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-417"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to line segments. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to line segments. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con los segmentos de l\u00ednea. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11242",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.133",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF) y la imagen TIF embebida. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11261",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.647",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el an\u00e1lisis de metadatos EXIF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2960",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.883",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-024"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-024"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable al manipular anotaciones en PDF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3024",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.983",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes eludir las restricciones de ejecuci\u00f3n de la API de JavaScript a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-6957",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:28.027",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93486"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93486"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4107.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/90512 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90512 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-4102",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:54.543",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6952",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:22.773",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con las cadenas de texto. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11239",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.070",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6998",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:25.870",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso explotable despu\u00e9s de la vulnerabilidad gratuita en el motor XFA (XML Forms Architecture). Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3035",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.360",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-261/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader's JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader\u0027s JavaScript engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el motor JavaScript de Acrobat/Reader. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11254",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.430",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en la funcionalidad de representaci\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-3018",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.797",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4204",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:14.070",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/40096/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40096/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6947",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:17.630",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11245",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.210",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor XSLT. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11243",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.163",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el motor JavaScript. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2958",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.773",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de confusi\u00f3n de tipo explotable en el motor XSLT relacionado con la funcionalidad de localizaci\u00f3n. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2962",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.977",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95340"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-026"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes obtener informaci\u00f3n sensible de la memoria de proceso a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1092."
}
],
"id": "CVE-2016-1079",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:49.127",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90511"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-326"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100185 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100185 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) cuando procesa datos Enhanced Metafile Format (EMF) relacionados con la manipulaci\u00f3n de pinceles. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11232",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.850",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100185"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/93491 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1036986 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-33.html | Patch, Vendor Advisory | |
| psirt@adobe.com | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1230 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93491 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036986 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-33.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1230 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6949",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:19.530",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1230"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4104.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4104."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103 y CVE-2016-4104."
}
],
"id": "CVE-2016-4105",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:58.200",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-258/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria cuando se manipulan datos de mosaico de flujo de c\u00f3digo JPEG 2000."
}
],
"id": "CVE-2017-3033",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.297",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-258/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-250/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en el m\u00f3dulo weblink."
}
],
"id": "CVE-2017-3020",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.890",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-250/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con el dibujado de cadenas de texto ASCII. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11262",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.680",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4251",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:57.453",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-421"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251 y CVE-2016-4254."
}
],
"id": "CVE-2016-4252",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:58.423",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el an\u00e1lisis de archivos TIFF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2965",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:02.117",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-010"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de procesamiento de imagen cuando procesa datos de secuencias de c\u00f3digo JPEG 2000 (JP2). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11226",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.647",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos TIFF relacionados con la manera en la que se almacenan los componentes de cada p\u00edxel. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11234",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.913",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el m\u00f3dulo AES. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3030",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.187",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1068",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:35.707",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-316"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when processing TIFF image data. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when processing TIFF image data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento de memoria din\u00e1mica explotable cuando procesa datos de imagen TIFF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2942",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:00.883",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7012",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:51.597",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6941",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:09.580",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-277/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el an\u00e1lisis del segmento APP13 en archivos JPEG."
}
],
"id": "CVE-2017-3053",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.907",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-277/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1072",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:40.673",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-320"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-320"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4205",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:14.963",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/40095/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40095/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-274/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el an\u00e1lisis de archivos GIF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3050",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.813",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-274/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor Acrobat/Reader 11.0.19. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3119",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.743",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-17 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269 y CVE-2016-4270."
}
],
"id": "CVE-2016-6937",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-17T02:59:03.663",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93014"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1037",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:00.130",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1065",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:32.580",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-312"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-312"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1122",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:31.297",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1061",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:27.877",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-309"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4097",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:48.577",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el motor JavaScript. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2955",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.617",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-30 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61151189-E24C-4AB6-BC60-B9AF720E3D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE16943-CCD8-4A39-832F-F6ED3CF2936B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument."
},
{
"lang": "es",
"value": "El m\u00e9todo spell customDictionaryOpen en la API de JavaScript en Adobe Reader v8.1.4 y v9.1 de Linux permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo PDF que activa una llamada a este m\u00e9todo con una larga cadena de en el segundo argumento."
}
],
"id": "CVE-2009-1493",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-30T20:30:00.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/54129"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/34924"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35055"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35096"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35152"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35358"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35416"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35734"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200907-06.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=926953"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-06.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/970180"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0478.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34740"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022139"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133B.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/1189"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/1317"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50146"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://osvdb.org/54129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/34924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://secunia.com/advisories/35734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200907-06.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=926953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-06.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/970180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0478.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133B.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/1189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.vupen.com/english/advisories/2009/1317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/8570"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6956",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:27.053",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1050",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:15.597",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-298"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despues de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-1091",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:03.540",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1085",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:55.830",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1084",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:54.737",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing the segment for storing non-graphic information. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing the segment for storing non-graphic information. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento de memoria din\u00e1mica explotable al analizar el segmento para almacenar informaci\u00f3n no gr\u00e1fica. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2946",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.087",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-003"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-004"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1052",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:18.160",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-300"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1117.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1117."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044 y CVE-2016-1117."
}
],
"id": "CVE-2016-1062",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:29.127",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-310"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1070",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:38.470",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-318"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine when creating large strings. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine when creating large strings. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el motor JavaScript al crear strings de gran tama\u00f1o. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3113",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.493",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-579/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento basado en memoria din\u00e1mica en el parser JPEG. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11211",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.290",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-579/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1077",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:47.033",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://packetstormsecurity.com/files/137035/Adobe-Reader-DC-15.010.20060-Memory-Corruption.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "https://0patch.blogspot.com/2016/06/writing-0patch-for-acrobat-readers-use.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/39799/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/137035/Adobe-Reader-DC-15.010.20060-Memory-Corruption.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://0patch.blogspot.com/2016/06/writing-0patch-for-acrobat-readers-use.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/39799/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6997",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:23.757",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1046",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:10.723",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-294"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1045",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:09.660",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-293"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el motor XFA, relacionado con la funcionalidad de validaci\u00f3n. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2961",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.930",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-025"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable al analizar datos de flujo TTF (formato de fuente TrueType). Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3038",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.437",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "psirt@adobe.com",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4193",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:03.210",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria din\u00e1mica en una estructura de datos interna. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11220",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.507",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 on Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, y CVE-2016-4254."
}
],
"id": "CVE-2016-4214",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:23.087",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7014",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:54.533",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6950",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:20.533",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4203",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:13.213",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/40097/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40097/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de JavaScript, relacionada con la manipulaci\u00f3n de cadenas. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3056",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.983",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos de secuencias de c\u00f3digo JPEG 2000 (JP2). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11228",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.710",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable cuando procesa datos Compact Font Format. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2941",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:00.850",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-002"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6996",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:20.743",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes eludir las restricciones de ejecuci\u00f3n JavaScript API a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-4215",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:23.947",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91712"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-254"
},
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de entero en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-6999",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:27.920",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93495"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1116",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:24.857",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7017",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:59.180",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4250",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:56.500",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-10 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| psirt@adobe.com | http://www.securityfocus.com/bid/51351 | Broken Link, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| psirt@adobe.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51351 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A70868B3-F3C5-4DC0-9013-78E77F424109",
"versionEndIncluding": "10.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1F1816-CFFC-45BF-A193-35F4A07C2EF7",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C56F007-5F8E-4BDD-A803-C907BCC0AF55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E63E65B1-5E44-4ADD-A692-20877FA22057",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "314014C8-527A-4D6D-B9BF-30084178C9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45B31326-A27E-42EA-B8D6-FE7165111A55",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DE8E04-ACEC-4D43-B65C-C74C8020FB50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "758BD624-4D03-40C9-8F03-F0F9A7A5DE99",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0335CEAA-ED55-46AA-98D9-693733CDA68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAF5003-4BF0-4C1B-A153-9FC76D64CB44",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2303F4-5AD9-4863-A42B-FBB618AB73DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2 bajo Windows y Mac OS X permiten a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria din\u00e1mica) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2011-4371",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-10T21:55:01.057",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51351"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4198",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:08.383",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-422"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el an\u00e1lisis de metadatos de JPEG EXIF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2964",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:02.070",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-014"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-31 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97302 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97302 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | macos | - | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79C92CAE-E238-4450-A9D1-6AD35F006BD1",
"versionEndIncluding": "11.0.18",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A5543934-84E5-4927-850D-ADEFCE150E77",
"versionEndIncluding": "15.006.30244",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7D2CC936-AACB-42DA-95F6-C2567E209DF2",
"versionEndIncluding": "15.020.20042",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E23E66EF-B335-473B-8895-9F392B9FA1CE",
"versionEndIncluding": "15.006.30244",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "DCE94D04-159C-400F-B2E7-532BBFD1B1BB",
"versionEndIncluding": "15.020.20042",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0755CB59-C529-42FF-8CC3-0595D3B440EE",
"versionEndIncluding": "11.0.18",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader versiones 15.020.20042 y en versiones anteriores a 15.006.30244 y en versiones anteriores a 11.0.18 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento de b\u00fafer en el analizador JPEG2000. Una explotaci\u00f3n exitosa podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2017-3009",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-31T16:59:00.520",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97302"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4192",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:01.977",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6945",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:14.230",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4089",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:41.093",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF)."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad para eludir la seguridad cuando manipulan Form Data Format (FDF)."
}
],
"id": "CVE-2017-2947",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.147",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95348"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el m\u00f3dulo de compresi\u00f3n de im\u00e1genes JBIG2. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3040",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.500",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100189 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100189 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de omisi\u00f3n de seguridad relacionada con la ejecuci\u00f3n de archivos adjuntos maliciosos."
}
],
"id": "CVE-2017-3118",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.680",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100189"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4194",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:04.193",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1060",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:26.690",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-308"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF) interpretados como imagen GIF. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11260",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.617",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-1089",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:00.267",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6960",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:31.177",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el motor JavaScript, relacionado con la manipulaci\u00f3n del panel de navegaci\u00f3n. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2956",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.663",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-253/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en la funcionalidad de mosaico de flujo de c\u00f3digo JPEG 2000. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-3023",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.953",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-253/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6961",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:32.537",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1051",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:16.737",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-299"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "psirt@adobe.com",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1118",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:27.013",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1044, CVE-2016-1062 y CVE-2016-1117."
}
],
"id": "CVE-2016-1042",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:06.520",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-287"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-287"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4196",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:06.273",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-416"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062 y CVE-2016-1117."
}
],
"id": "CVE-2016-1038",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:01.397",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-292"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1088",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:59.330",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de carga de la biblioteca insegura (secuestro DLL) en un DLL relacionado con el registro remoto."
}
],
"id": "CVE-2017-3013",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.687",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6973",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:45.320",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1083",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:53.737",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-268/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en el analizador JPEG 2000, relacionada con el cuadro de la paleta."
}
],
"id": "CVE-2017-3045",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.657",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-268/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF) que representan iconos. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11270",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.867",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11259",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.587",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1076",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:45.953",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-324"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6975",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:47.680",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF color map data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF color map data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de im\u00e1genes cuando procesa datos de mapa de color TIFF. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11255",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.460",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4100",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:52.217",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6965",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:36.600",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-24 07:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/95690 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.talosintelligence.com/reports/TALOS-2016-0259/ | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95690 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.talosintelligence.com/reports/TALOS-2016-0259/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-01.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de desbordamiento de pila en la rutina del decodificador JPEG. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2971",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-24T07:59:00.227",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"source": "psirt@adobe.com",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0259/"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0259/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1063",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:30.237",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-311"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100181 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100181 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad explotable de confusi\u00f3n de tipo en la funcionalidad de anotaci\u00f3n. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11221",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.523",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, y CVE-2016-4270."
}
],
"id": "CVE-2016-4265",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-26T19:59:01.507",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/92640"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-488"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-10 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| psirt@adobe.com | http://www.securityfocus.com/bid/51348 | Broken Link, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| psirt@adobe.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51348 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A70868B3-F3C5-4DC0-9013-78E77F424109",
"versionEndIncluding": "10.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1F1816-CFFC-45BF-A193-35F4A07C2EF7",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C56F007-5F8E-4BDD-A803-C907BCC0AF55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E63E65B1-5E44-4ADD-A692-20877FA22057",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "314014C8-527A-4D6D-B9BF-30084178C9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45B31326-A27E-42EA-B8D6-FE7165111A55",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DE8E04-ACEC-4D43-B65C-C74C8020FB50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "758BD624-4D03-40C9-8F03-F0F9A7A5DE99",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0335CEAA-ED55-46AA-98D9-693733CDA68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAF5003-4BF0-4C1B-A153-9FC76D64CB44",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2303F4-5AD9-4863-A42B-FBB618AB73DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373."
},
{
"lang": "es",
"value": "Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2 para Windows y Mac OS X permiten a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4372 y CVE-2011-4373."
}
],
"id": "CVE-2011-4370",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-10T21:55:00.790",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51348"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100186 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100186 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de omisi\u00f3n de seguridad cuando se manipula el formato Forms Data Format (FDF)."
}
],
"id": "CVE-2017-11229",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.743",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100186"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7009",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:46.843",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable al manejar un archivo PDF con formato incorrecto. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3017",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.780",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1071",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:39.673",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-319"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1067",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:34.690",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-315"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4207",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:16.727",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/40099/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40099/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4197",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:07.303",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-415"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager (AGM) module. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager (AGM) module. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el m\u00f3dulo Adobe Graphics Manager (AGM). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11252",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.397",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1056",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:22.160",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-304"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-304"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria din\u00e1mica en el plugin que gestiona enlaces en el PDF. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3117",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.633",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-572/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad uso de memoria antes de liberaci\u00f3n (use after free) en la gesti\u00f3n de eventos XFA. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11218",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.447",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-572/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/90508 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90508 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4091."
}
],
"id": "CVE-2016-4092",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:44.200",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-10-13 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84209F08-D75D-4C02-94E4-5942B244E632",
"versionEndIncluding": "9.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "465F9134-DD86-4F13-8C39-949BE6E7389A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BB041EDF-EFF8-4AA6-8D59-411975547534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C05F6A5-0FB3-489B-9B8B-64C569C03D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AABA4FE3-662B-4956-904D-45086E000890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "998CD79C-458E-46A8-8261-1C40C53D9FA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*",
"matchCriteriaId": "0155FB0B-7FAD-4388-96C8-A8543B4FDFD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "201F059D-33D1-4D9F-9C6F-FC8EB49E4735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B025E795-5713-485E-8A15-EBE4451A1A46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B453FA1D-0FE9-4324-9644-E167561926C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "FDEA946E-B6D2-463B-89D0-F2F37278089E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "183B5940-2310-4D2E-99F0-9792A801A442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F8BB13E-2732-4F9E-A588-EA1C00893C8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5FCDCBF-597B-439C-8D8B-2819FC70C567",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "440B890A-90E9-4456-B92A-856CD17F0C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79BD9D8D-39DA-403E-915D-E1B6A46A6BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8976A7DC-1314-4C4A-A7C5-AA789D2DAB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FECFC942-4F04-420C-A9B4-AE0C0590317F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F81817F2-1E3A-4A52-88F1-6B614A2A1F0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFFFF0D-A80F-4B67-BEE2-86868EF7AA37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1DC97A87-2652-4AD6-8E10-419A9AC9C245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3E1F71AE-3591-499E-B09F-AAC4E38F1CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2D75174C-EBF9-4117-9E66-80E847012853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69B0305A-51D3-4E09-B96C-54B0ED921DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9762FE57-837B-4FFA-9813-AC038450EB2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0055A38C-E421-40A1-8BC7-11856A20B8F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "758CC9EE-8929-405B-A845-83BAAECCB2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "21AC1961-12F7-456F-9CE4-9AAF116CF141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9:*:*:*:*:*:*:*",
"matchCriteriaId": "37AF9870-B9F0-42D2-B2D1-4A7E569A4C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FF485FB-3317-4C89-B636-F22FF19B00BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "840D37C8-F30C-4A91-9B34-39AF1E4E34C8",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4A65AB-75F1-4F6B-83E4-354E7D1EAE3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD49BF0-E8BC-4716-8B13-DF39267D9303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71FC1CDB-DF7C-45FF-973D-8C9310121B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8951B8-0DF2-48C9-9EAC-9EDCCD389958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0.5c:*:*:*:*:*:*:*",
"matchCriteriaId": "DCCCF8E6-2117-4665-AC71-8F05771CDB15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99E14042-AF3B-4609-8CFE-6E02B3DF5CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "822D6CAA-4CF7-41BE-B2AC-E7CBAB6229C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "73579E5C-BDB2-4F9C-BB87-E3752B9030B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8A57B3C8-B127-4A52-AB08-A1B6F7830914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F131F390-EA28-41C2-A054-42E6B070FA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E26DE5FE-729C-4C3A-80FB-0FAFC90A8BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C85609BE-4385-4728-AC7E-4231B45A3CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "29BDD58D-3200-48C1-AB30-07808E029061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC93E153-9E21-4012-BFE0-0168488FFC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30D445D4-2B00-451B-8744-CCA9F1E1ADA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53D60FEC-557F-456B-8F35-170078EC5C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51A7B617-FDB3-4F46-AF1F-F9210FB2793B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B5D145B-FD5B-430E-8E90-929B00271C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40E8FD46-14E2-4D92-8A99-66EC41F38CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78BA5B02-F565-4A7F-B9FD-DD08ABF258CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3F0A07-7021-4D04-A8F2-1BCAB474CD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C1C3A0-B0DF-42E4-A8AC-D93FCB6526D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B5B11C-6E76-4A03-AC05-840EFE2F8504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF8D072-305A-40B9-9E89-D98BDD951346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF52FAE-B6EF-457D-A61A-95B5E31CEF7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7236C5-85F8-47C5-8A24-D5282F94D77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "718F2E95-E221-4928-B50F-AB840BBA0E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "123D2B4E-0D05-453C-B598-E41D43FE0E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0109ADA4-6BA0-4299-8043-7CD60DAD6DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1F00A8EC-10FC-42B6-BB3E-985C903B91DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "98BCBFB5-72DF-4B8A-8F4C-E958B4FAFB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71EB6E18-5764-4916-9ECA-F4E880672217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61151189-E24C-4AB6-BC60-B9AF720E3D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1B65F7E5-05A4-45FC-BDC2-670166535721",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "026B1CF8-28A2-415D-A240-C9DF774BF9DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE16943-CCD8-4A39-832F-F6ED3CF2936B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "42A1A800-D0CC-4593-A31A-EE308E63B454",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Un Desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en Adobe Reader y Acrobat versi\u00f3n 7.x anterior a versi\u00f3n 7.1.4, versi\u00f3n 8.x anterior a 8.1.7, y versi\u00f3n 9.x anterior a 9.2, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo PDF creado que desencadena la corrupci\u00f3n de memoria, tal y como fue explotado \"in the wild\" en octubre de 2009. NOTA: algunos de estos detalles se obtienen de informaci\u00f3n de terceros."
}
],
"id": "CVE-2009-3459",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-10-13T10:30:00.577",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html"
},
{
"source": "psirt@adobe.com",
"url": "http://isc.sans.org/diary.html?storyid=7300"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36983"
},
{
"source": "psirt@adobe.com",
"url": "http://securitytracker.com/id?1023007"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.iss.net/threats/348.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/36600"
},
{
"source": "psirt@adobe.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2851"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2898"
},
{
"source": "psirt@adobe.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53691"
},
{
"source": "psirt@adobe.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://isc.sans.org/diary.html?storyid=7300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/threats/348.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6534"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form's structure and organization. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form\u0027s structure and organization. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor XFA relacionado con la estructura y organizaci\u00f3n de un formulario. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2967",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:02.287",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-031"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass intended access restrictions via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass intended access restrictions via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes eludir las restricciones destinadas al acceso a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2016-6958",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:29.093",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93494"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4206",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:15.853",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/40100/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40100/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6948",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:18.617",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1126",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:35.437",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1120",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:29.233",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable cuando se procesa una tabla de referencia cruzada mal formada. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2939",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:00.740",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4094",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:46.653",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4195",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:05.117",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el plugin MakeAccesible cuando parsea datos de fuentes TrueType. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3116",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.570",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-21 17:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7853, and CVE-2016-7854.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7853, and CVE-2016-7854."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7853 y CVE-2016-7854."
}
],
"id": "CVE-2016-7852",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-21T17:59:01.637",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor Product Representation Compact (PRC). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11222",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.553",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97549 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-273/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97549 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad explotable de desbordamiento de mont\u00f3n en el motor de conversi\u00f3n de im\u00e1genes, relacionado con la manipulaci\u00f3n interna de mosaicos en archivos TIFF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3049",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.780",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-273/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos de secuencia de imagen Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11269",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.837",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97547 | Third Party Advisory, Vendor Advisory | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97547 | Third Party Advisory, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de carga de la biblioteca insegura (secuestro de DLL) en el complemento de OCR."
}
],
"id": "CVE-2017-3012",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.657",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6969",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:41.097",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:01
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017 y CVE-2016-7019."
}
],
"id": "CVE-2016-7018",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:01:00.920",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-19 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F19177-8A7D-4F6E-8A32-6755EC663F8F",
"versionEndIncluding": "8.3",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44E30DE7-C2CC-4385-AE4E-AAAE18377247",
"versionEndIncluding": "10.1",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03739EC9-1D5F-4266-80B8-CCFDACEFF66E",
"versionEndIncluding": "9.4.5",
"versionStartIncluding": "9.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A90CB3A-9BE7-475C-9E75-6ECAD2106302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB6F9A2-7C8D-444A-8BEC-38C24B2A5A67",
"versionEndIncluding": "8.3",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBEF2479-2117-4AF7-8D8E-FBAAE6E9980F",
"versionEndIncluding": "9.4.5",
"versionStartIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1B46090-9C68-4394-8286-45C47320DB6C",
"versionEndIncluding": "10.1",
"versionStartIncluding": "10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de entero en Adobe Reader v9.x antes de v9.4.6 en Linux permite a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2011-4374",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-01-19T19:55:01.287",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14812"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento de memoria din\u00e1mica explotable en el motor de conversi\u00f3n de im\u00e1genes relacionado con el an\u00e1lisis de segmentos TIFF mal formados. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2966",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:02.197",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-030"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "EF760070-8BFE-49B0-9AFE-082F8D1A7ECA",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "EDE53AA2-7D0D-44B2-897F-EA22196D9037",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.008.20082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el motor de renderizado Acrobat/Reader. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11231",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.820",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7002",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:34.447",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1073",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:41.957",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-321"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-321"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:01
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4102.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/90512 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90512 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4102."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122 y CVE-2016-4102."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-4107",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:01:00.373",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1130",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:39.343",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data drawing position definition. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data drawing position definition. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos de definici\u00f3n de posici\u00f3n de dibujo Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3123",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.883",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el motor JavaScript, relacionado con la funcionalidad de colaboraci\u00f3n. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2957",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.710",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1066",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:33.580",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-313"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1080",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:50.110",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-327"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6955",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:26.003",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when parsing crafted TIFF image files. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when parsing crafted TIFF image files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable al analizar archivos de imagen TIFF manipulados. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2944",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:00.960",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de JavaScript. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3037",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.407",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6995",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:17.790",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes remotos ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269."
}
],
"id": "CVE-2016-4270",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-26T19:59:06.867",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/92635"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-493"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1128",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:37.297",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-254/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el m\u00f3dulo de conversi\u00f3n de im\u00e1genes, relacionada con el procesamiento de archivos TIFF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3028",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.123",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-254/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062 y CVE-2016-1117."
}
],
"id": "CVE-2016-1041",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:05.347",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-288"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1093",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:03.093",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1125",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:34.343",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1059",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:25.533",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-307"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable al analizar datos de fuentes en el complemento MakeAccessible. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3041",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.530",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-276/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en el motor de conversi\u00f3n de im\u00e1genes, relacionado con el an\u00e1lisis del formato de archivo de meta-archivo mejorado EMF."
}
],
"id": "CVE-2017-3052",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.873",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-276/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-26 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes remotos ejecutar un c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269 y CVE-2016-4270."
}
],
"id": "CVE-2016-4266",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-26T19:59:02.600",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/92636"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-489"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7007",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:44.017",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1078",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:47.987",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-325"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de desbordamiento entero explotable en el filtro CCITT fax PDF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3011",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.623",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7010",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:48.350",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1062.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1062."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes eludir restricciones de ejecuci\u00f3n de la API JavaScript a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044 y CVE-2016-1062."
}
],
"id": "CVE-2016-1117",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:25.810",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-285"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el controlador de seguridad PPKLite. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3039",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.467",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF). La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11227",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.680",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-257/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria al analizar el encabezado de un archivo JPEG 2000."
}
],
"id": "CVE-2017-3022",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.920",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-257/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-275/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionada con el an\u00e1lisis de archivos JPEG. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3051",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.860",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-275/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-585/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el motor de renderizado XFA. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11219",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.477",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-585/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor de conversi\u00f3n de im\u00e1genes, relacionada con la manipulaci\u00f3n de archivos EMF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3054",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.920",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF) y la imagen GIF embebida. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11258",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.553",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1124",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:33.437",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6954",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:24.707",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal handling of UTF-16 literal strings. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal handling of UTF-16 literal strings. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en la gesti\u00f3n interna de cadenas literales UTF-16. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11236",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.977",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad explotable de desbordamiento de mont\u00f3n en el motor de conversi\u00f3n de im\u00e1genes, relacionado con la representaci\u00f3n de l\u00ednea de exploraci\u00f3n interna en archivos TIFF. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3048",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.750",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-272/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento de memoria din\u00e1mica explotable al analizar archivos de imagen TIFF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2945",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.007",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento/desbordamiento inferior de b\u00fafer explotable en el m\u00f3dulo de conversi\u00f3n de imagen relacionado con el an\u00e1lisis de etiquetas en archivos TIFF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2952",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.460",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95346"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100180 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria din\u00e1mica en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con los pol\u00edgonos. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11241",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.100",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en la funcionalidad de an\u00e1lisis de JBIG2. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3015",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.767",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97550 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-282/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97550 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso explotable despu\u00e9s de la vulnerabilidad gratuita en la API de JavaScript relacionada con la funcionalidad de colaboraci\u00f3n. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3057",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:03.017",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-282/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6964",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:35.627",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-580/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con la salida de texto. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11212",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.320",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-580/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4099",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:51.277",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6951",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:21.537",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4211",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:20.323",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en la funcionalidad de manipulaci\u00f3n de fuentes. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3065",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:03.280",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-270/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97554 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de fuga de direcci\u00f3n de memoria en el analizador JPEG 2000, relacionada con el an\u00e1lisis de flujo de c\u00f3digo contiguo."
}
],
"id": "CVE-2017-3046",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.687",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-270/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-09-17 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4255.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/93016 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.zerodayinitiative.com/advisories/ZDI-16-591 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-26.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/93016 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-16-591 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-26.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4255."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4255."
}
],
"id": "CVE-2016-6938",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-09-17T02:59:04.617",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93016"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-591"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/93016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con el dibujo de curvas. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11238",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.023",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7013",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:53.167",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6966",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:37.587",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el m\u00f3dulo Adobe Graphics Manager. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11265",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.743",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable cuando procesa etiquetas en im\u00e1genes TIFF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2943",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:00.913",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el m\u00f3dulo de conversi\u00f3n de im\u00e1genes cuando procesan una imagen TIFF. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2953",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.523",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el analizador de formato de representaci\u00f3n de producto (PRC). Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-3019",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:01.827",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4213",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:22.057",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1086",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:57.000",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3016",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.180",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-10 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| psirt@adobe.com | http://www.securityfocus.com/bid/51349 | Broken Link, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| psirt@adobe.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857 | Tool Signature | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.adobe.com/support/security/bulletins/apsb12-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51349 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026496 | Broken Link, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857 | Tool Signature |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A70868B3-F3C5-4DC0-9013-78E77F424109",
"versionEndIncluding": "10.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA1F1816-CFFC-45BF-A193-35F4A07C2EF7",
"versionEndIncluding": "10.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C56F007-5F8E-4BDD-A803-C907BCC0AF55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E63E65B1-5E44-4ADD-A692-20877FA22057",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "314014C8-527A-4D6D-B9BF-30084178C9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45B31326-A27E-42EA-B8D6-FE7165111A55",
"versionEndIncluding": "9.4.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F1DE8E04-ACEC-4D43-B65C-C74C8020FB50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "758BD624-4D03-40C9-8F03-F0F9A7A5DE99",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0335CEAA-ED55-46AA-98D9-693733CDA68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCAF5003-4BF0-4C1B-A153-9FC76D64CB44",
"versionEndIncluding": "9.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:9.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C2303F4-5AD9-4863-A42B-FBB618AB73DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373."
},
{
"lang": "es",
"value": "Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2, bajo Windows y Mac OS X permiten a los atacantes ejecutar c\u00f3digo de su elecci\u00f3n o causar una denegaci\u00f3n de servicio (por corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4370 y CVE-2011-4373."
}
],
"id": "CVE-2011-4372",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2012-01-10T21:55:03.603",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51349"
},
{
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "psirt@adobe.com",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/51349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Tool Signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4093",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:45.280",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988 y CVE-2016-6993."
}
],
"id": "CVE-2016-6953",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:23.763",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1069",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:37.097",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-317"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso explotable despu\u00e9s de la vulnerabilidad gratuita en el m\u00f3dulo XFA, relacionado con el elemento choiceList. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3027",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.093",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-1123",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:32.467",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1047",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:12.097",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-295"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4201",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:11.103",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "psirt@adobe.com",
"url": "https://www.exploit-db.com/exploits/40101/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40101/"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria explotable en el motor XFA, relacionado con la funcionalidad de dise\u00f1o. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2950",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.350",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-021"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 on Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, y CVE-2016-4254."
}
],
"id": "CVE-2016-4212",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:21.197",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable cuando procesa archivos JPEG 2000. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2940",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:00.787",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "841C1E2E-489F-452C-9512-C4976F7951ED",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "DD7E48BF-3FFF-4584-A3EF-4C3B671FF3E4",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "AEAD8344-7386-4468-BD13-F3220B6EBA48",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "4A939794-0D67-400D-AF40-5B09A747DA3B",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "84C9A908-2F15-4B64-9627-32029DC93DCD",
"versionEndExcluding": "15.006.30355",
"versionStartIncluding": "15.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "28BC5560-D81A-4B5F-B38A-5BA6000E2586",
"versionEndExcluding": "17.011.30066",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "ADB953D4-4A78-4D43-BAD9-72BC7F3DF8D8",
"versionEndExcluding": "17.012.20098",
"versionStartIncluding": "17.000.0000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E71815-C6E4-465F-B484-C8C87543DEDC",
"versionEndExcluding": "11.0.21",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberaci\u00f3n (use after free) en el motor de parseo XFA cuando gestiona ciertos tipos de instrucciones internas. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3120",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:02.790",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6978",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:50.820",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor de conversi\u00f3n de imagen cuando procesa datos privados Enhanced Metafile Format (EMF) interpretados como datos JPEG. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11267",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.773",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-07-13 02:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
"versionEndIncluding": "11.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
"versionEndIncluding": "15.006.30174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
"versionEndIncluding": "15.016.20045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
"versionEndIncluding": "11.0.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254."
}
],
"id": "CVE-2016-4191",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-07-13T02:00:00.897",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6970",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:42.183",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 engine. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100184 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en el motor JPEG 2000. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11230",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:00.790",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6988.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6988."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979 y CVE-2016-6988."
}
],
"id": "CVE-2016-6993",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:11.700",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el m\u00f3dulo de conversi\u00f3n de imagen cuando manejan im\u00e1genes TIFF mal formadas. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2954",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.570",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-262/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en la conversi\u00f3n de im\u00e1genes relacionada con el procesamiento del formato de archivo PCX (intercambio de im\u00e1genes). Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3036",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.390",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-262/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7001",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:32.317",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1058",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:24.550",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-306"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4104, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4104, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4104 y CVE-2016-4105."
}
],
"id": "CVE-2016-4103",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:55.543",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4105.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4105."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103 y CVE-2016-4105."
}
],
"id": "CVE-2016-4104",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:57.027",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-7005",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:40.473",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-01-11 04:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "591061D5-5A3B-4788-9219-E6A267C7F205",
"versionEndIncluding": "11.0.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "2DA73DF1-D517-4D01-A901-11C6A410F3F7",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "1044057B-3C1D-4920-B16E-11E8F43B416D",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "65AE21B3-AF0D-480B-9D1A-4D64D2F749D2",
"versionEndIncluding": "15.006.30244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C032D3A4-80F5-4066-97DC-3AED72D6C15A",
"versionEndIncluding": "15.020.20042",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D7F2E90-F6DF-41A3-A1DB-26058BEA2A02",
"versionEndIncluding": "11.0.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad de desbordamiento/desbordamiento inferior de b\u00fafer explotable en el motor XFA. Una explotaci\u00f3n satisfactoria podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"id": "CVE-2017-2948",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-11T04:59:01.227",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/95346"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permiten a atacantes obtener informaci\u00f3n sensible de la memoria de proceso a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1079."
}
],
"id": "CVE-2016-1092",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:02.063",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90511"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 20:00
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6939.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6939."
},
{
"lang": "es",
"value": "Desbordamiento de buf\u00e9r basado en memoria din\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6939."
}
],
"id": "CVE-2016-6994",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T20:00:14.730",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93487"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 11:00
Modified
2025-04-12 10:46
Severity ?
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4092.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/90508 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/90508 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1035828 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb16-14.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4092."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4092."
}
],
"id": "CVE-2016-4091",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T11:00:42.997",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-12 14:59
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1038228 | ||
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory | |
| nvd@nist.gov | http://www.zerodayinitiative.com/advisories/ZDI-17-267/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97556 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-11.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "920C2C98-5D86-4436-BEFF-54D9A41D43C8",
"versionEndIncluding": "11.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E065F497-3396-4F95-B19F-35628C8AA570",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "FAC7EE17-469A-45D6-94B1-7C84E8727A06",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "EF2B91EA-41D3-4054-958C-5F174D2ADDF0",
"versionEndIncluding": "15.006.30280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "2E18E48C-BDDD-4A01-91F1-C233D53C0978",
"versionEndIncluding": "15.023.20070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E65E415E-1C3C-472E-9750-3295B65CC6F0",
"versionEndIncluding": "11.0.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupci\u00f3n de memoria explotable en el motor JPEG 2000, relacionada con la ampliaci\u00f3n de la imagen. Una explotaci\u00f3n exitosa podr\u00eda conducir a la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-3044",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-12T14:59:02.623",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-267/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-10-13 19:59
Modified
2025-04-12 10:46
Severity ?
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE518B7B-656F-42F8-BF38-F74B8D9CF5DE",
"versionEndIncluding": "11.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "56758CE4-B394-41C2-9EF9-A00022DA7257",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B3F34EB4-2203-4BA8-9729-C1EB2DEEC334",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "08EAC1A2-56CE-4375-822A-9B8C43758654",
"versionEndIncluding": "15.006.30201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "747D8222-B077-49A3-83EB-A210CAF0D094",
"versionEndIncluding": "15.017.20053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A07526D-9AD0-4778-B9DC-57815F9F450F",
"versionEndIncluding": "11.0.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat en versiones anteriores a 11.0.18, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30243 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.020.20039 en Windows y OS X permiten a atacantes ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018 y CVE-2016-7019."
}
],
"id": "CVE-2016-6959",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-10-13T19:59:30.220",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/93496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-25 01:30
Modified
2025-04-09 00:30
Severity ?
Summary
Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:professional:*:*:*:*:*",
"matchCriteriaId": "D010E4EE-0FD7-4F64-B973-5863D1ACB9DA",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:standard:*:*:*:*:*",
"matchCriteriaId": "8641E058-D77A-4A86-9FA8-0D26AAA27B94",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "AC8F85CD-8371-4B36-8D6A-8B2CA580631B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0:*:standard:*:*:*:*:*",
"matchCriteriaId": "C74ECCD2-4E9B-407B-9B14-8A6FB4F768F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "FE88C274-CC72-4341-9BF6-1924054A12FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.1:*:standard:*:*:*:*:*",
"matchCriteriaId": "507C02CF-7E81-4131-99DE-63E4EEC45F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "3D68FF87-5DCE-4D52-B95A-8ADB6F8C0DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.2:*:standard:*:*:*:*:*",
"matchCriteriaId": "47EBEF8E-3C53-41D5-B344-297ED7C432F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "DC0DF265-984D-462D-878E-612783BF0BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.3:*:standard:*:*:*:*:*",
"matchCriteriaId": "0335D33B-20D8-483F-AB5E-E2517F2F900D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:professional:*:*:*:*:*",
"matchCriteriaId": "4B066C6A-E3ED-4E7B-BE5E-45CDBF1E8959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.4:*:standard:*:*:*:*:*",
"matchCriteriaId": "2341215F-97A7-40B6-B618-7FF022C7CFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:professional:*:*:*:*:*",
"matchCriteriaId": "D61F0564-59B9-4811-B7FD-BA044C6A94AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.5:*:standard:*:*:*:*:*",
"matchCriteriaId": "9C9A3E43-7334-44B0-BF01-04BB19B6FE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:professional:*:*:*:*:*",
"matchCriteriaId": "D3E43C1B-D76D-4486-AE7A-943D34D0A92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.6:*:standard:*:*:*:*:*",
"matchCriteriaId": "9F7310F9-CF09-4B83-B6CA-3FE6DBAB6008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:professional:*:*:*:*:*",
"matchCriteriaId": "F52F86E7-E845-48A5-9CC4-98E6DAA43C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.7:*:standard:*:*:*:*:*",
"matchCriteriaId": "32C79CBE-CE27-46B2-BD3C-D56DC62CBB46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:professional:*:*:*:*:*",
"matchCriteriaId": "CC9D669B-7E9D-4F39-894A-D9438000F2B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.8:*:standard:*:*:*:*:*",
"matchCriteriaId": "0D9CA54D-9D60-4064-B6AC-8CED8D064465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.0.9:*:professional:*:*:*:*:*",
"matchCriteriaId": "55836D2A-487E-4B94-AC48-75A427D414F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "AA7E35B4-035C-4BB7-9FC3-4CD0E5F192DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.1:*:standard:*:*:*:*:*",
"matchCriteriaId": "023C5C61-6629-480E-93AD-5F2691E51AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:7.1.1:*:standard:*:*:*:*:*",
"matchCriteriaId": "7BBE4EBC-DB7C-420F-AA39-E652CCC00A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:professional:*:*:*:*:*",
"matchCriteriaId": "0E16B425-B123-4BA3-AC93-5F400ED8F6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:standard:*:*:*:*:*",
"matchCriteriaId": "C6F47894-50FB-4192-A3CC-D944124F08A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:standard:*:*:*:*:*",
"matchCriteriaId": "5D6C9969-DFEF-4059-BE92-28969930EACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:professional:*:*:*:*:*",
"matchCriteriaId": "06E1842C-E6D7-497A-8AE4-F12C4DCFCAC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:standard:*:*:*:*:*",
"matchCriteriaId": "EA23452E-F5C7-4756-8245-1F398BA78E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:professional:*:*:*:*:*",
"matchCriteriaId": "21113403-CA7D-4082-9516-C672C9A487C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:standard:*:*:*:*:*",
"matchCriteriaId": "8F04372D-60A1-4407-8CF1-113262846783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:security_update:professional:*:*:*:*:*",
"matchCriteriaId": "C8B8CCBC-F0F9-4EA0-AB7B-82E7CC98324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:professional:*:*:*:*:*",
"matchCriteriaId": "AFEAEE1D-2906-4D28-8298-22F4F43FBDFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:standard:*:*:*:*:*",
"matchCriteriaId": "1406DBAC-C84B-4A98-8B27-E4AFD2586B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:professional:*:*:*:*:*",
"matchCriteriaId": "56691A9A-4C98-4D5F-9734-B225F534CC58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:standard:*:*:*:*:*",
"matchCriteriaId": "43F1C1B8-20B5-4534-A753-19EC415D0E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "840D37C8-F30C-4A91-9B34-39AF1E4E34C8",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2D0266-6954-4DBA-9EEE-8BF73B39DD61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4A65AB-75F1-4F6B-83E4-354E7D1EAE3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD49BF0-E8BC-4716-8B13-DF39267D9303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "71FC1CDB-DF7C-45FF-973D-8C9310121B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "5C8951B8-0DF2-48C9-9EAC-9EDCCD389958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.0.5c:*:*:*:*:*:*:*",
"matchCriteriaId": "DCCCF8E6-2117-4665-AC71-8F05771CDB15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "99E14042-AF3B-4609-8CFE-6E02B3DF5CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "822D6CAA-4CF7-41BE-B2AC-E7CBAB6229C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "73579E5C-BDB2-4F9C-BB87-E3752B9030B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8A57B3C8-B127-4A52-AB08-A1B6F7830914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F131F390-EA28-41C2-A054-42E6B070FA8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E26DE5FE-729C-4C3A-80FB-0FAFC90A8BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C85609BE-4385-4728-AC7E-4231B45A3CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "29BDD58D-3200-48C1-AB30-07808E029061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC93E153-9E21-4012-BFE0-0168488FFC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30D445D4-2B00-451B-8744-CCA9F1E1ADA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53D60FEC-557F-456B-8F35-170078EC5C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51A7B617-FDB3-4F46-AF1F-F9210FB2793B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B5D145B-FD5B-430E-8E90-929B00271C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "40E8FD46-14E2-4D92-8A99-66EC41F38CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78BA5B02-F565-4A7F-B9FD-DD08ABF258CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3F0A07-7021-4D04-A8F2-1BCAB474CD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C1C3A0-B0DF-42E4-A8AC-D93FCB6526D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3B5B11C-6E76-4A03-AC05-840EFE2F8504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF8D072-305A-40B9-9E89-D98BDD951346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF52FAE-B6EF-457D-A61A-95B5E31CEF7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0A7236C5-85F8-47C5-8A24-D5282F94D77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "718F2E95-E221-4928-B50F-AB840BBA0E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "123D2B4E-0D05-453C-B598-E41D43FE0E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0109ADA4-6BA0-4299-8043-7CD60DAD6DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "98BCBFB5-72DF-4B8A-8F4C-E958B4FAFB37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "71EB6E18-5764-4916-9ECA-F4E880672217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61151189-E24C-4AB6-BC60-B9AF720E3D4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader versi\u00f3n 9 anterior a 9.1, versi\u00f3n 8 anterior a 8.1.4 y versi\u00f3n 7 anterior a 7.1.1 podr\u00eda permitir a los atacantes remotos desencadenar una corrupci\u00f3n de memoria y posiblemente ejecutar c\u00f3digo arbitrario por medio de vectores de ataque desconocidos relacionados con JBIG2, una vulnerabilidad diferente a las CVE-2009-0193 y CVE-2009-1061."
}
],
"id": "CVE-2009-1062",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-03-25T01:30:00.593",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34392"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34490"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34706"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34790"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34229"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021892"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/34229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-11 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A70458C-0416-49BD-A371-1CFA85DC6A13",
"versionEndIncluding": "11.0.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "E91D5928-1453-4359-9F35-46D9A3A9CD91",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "504D35C5-04CB-4FBD-B9FD-4CBA71A5EC1A",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "A63411C3-E8AE-415D-B1B6-1EA6AA20494A",
"versionEndIncluding": "15.006.30121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "B33BAE59-1F77-4F21-A5C0-B5D9D1D67F1E",
"versionEndIncluding": "15.010.20060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15C60A67-A7DE-4B57-BC2B-28D9B546DA3B",
"versionEndIncluding": "11.0.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.16, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30172 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.016.20039 sobre Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102 y CVE-2016-4107."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-1053",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-11T10:59:19.160",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "psirt@adobe.com",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-301"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-11 19:29
Modified
2025-04-20 01:37
Severity ?
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal data structure manipulation related to document encoding. Successful exploitation could lead to arbitrary code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@adobe.com | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| psirt@adobe.com | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039098 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://helpx.adobe.com/security/products/acrobat/apsb17-24.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat | * | |
| adobe | acrobat | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_dc | * | |
| adobe | acrobat_reader | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | acrobat_reader_dc | * | |
| adobe | reader | * | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146",
"versionEndIncluding": "17.011.30066",
"versionStartIncluding": "17.011.00000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8",
"versionEndIncluding": "15.006.30306",
"versionStartIncluding": "15.006.30060",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E",
"versionEndIncluding": "17.009.20058",
"versionStartIncluding": "15.007.20033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB",
"versionEndIncluding": "11.0.20",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal data structure manipulation related to document encoding. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupci\u00f3n de memoria en la manipulaci\u00f3n interna de datos relacionados con la codificaci\u00f3n de documentos. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"id": "CVE-2017-11263",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-11T19:29:01.710",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-1076 (GCVE-0-2016-1076)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-324"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-324"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1076",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-324",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-324"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1076",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4203 (GCVE-0-2016-4203)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.322Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40097",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40097/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40097",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40097/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40097",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40097/"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4203",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2966 (GCVE-0-2017-2966)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-030"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-030"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-030",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-030"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2966",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3028 (GCVE-0-2017-3028)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion module, related to processing of TIFF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3028",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1125 (GCVE-0-2016-1125)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1125",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2939 (GCVE-0-2017-2939)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2939",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3037 (GCVE-0-2017-3037)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3037",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7013 (GCVE-0-2016-7013)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7013",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2947 (GCVE-0-2017-2947)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Security Bypass
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF).
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95348",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95348"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95348",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95348"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95348"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2947",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2961 (GCVE-0-2017-2961)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95343"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-025"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95343"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-025"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-025",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-025"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2961",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1073 (GCVE-0-2016-1073)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-321"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-321"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-321",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-321"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1073",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3051 (GCVE-0-2017-3051)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3051",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7007 (GCVE-0-2016-7007)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7007",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4213 (GCVE-0-2016-4213)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4213",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6938 (GCVE-0-2016-6938)
Vulnerability from cvelistv5
Published
2016-09-17 01:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4255.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-591"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "93016",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4255."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-21T21:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-591"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "93016",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6938",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4255."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-591",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-591"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "93016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6938",
"datePublished": "2016-09-17T01:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1095 (GCVE-0-2016-1095)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-329"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-329"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-329",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-329"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1095",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1067 (GCVE-0-2016-1067)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-315"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-315"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-315",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-315"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1067",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4091 (GCVE-0-2016-4091)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4092.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90508",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4092."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90508",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4092."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90508",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90508"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4091",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1085 (GCVE-0-2016-1085)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1085",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11254 (GCVE-0-2017-11254)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 23:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader's JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader\u0027s JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader\u0027s JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11254",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T23:56:33.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3024 (GCVE-0-2017-3024)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when manipulating PDF annotations. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3024",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7015 (GCVE-0-2016-7015)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7015",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3050 (GCVE-0-2017-3050)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.429Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of GIF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3050",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.429Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2951 (GCVE-0-2017-2951)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95343"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95343"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95343"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-022",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2951",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6959 (GCVE-0-2016-6959)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6959",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3116 (GCVE-0-2017-3116)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 22:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3116",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T22:35:34.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4198 (GCVE-0-2016-4198)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-422"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-422"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-422",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-422"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4198",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.451Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6954 (GCVE-0-2016-6954)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6954",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2963 (GCVE-0-2017-2963)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-027"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-027"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-027",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-027"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2963",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6977 (GCVE-0-2016-6977)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6977",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11220 (GCVE-0-2017-11220)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 04:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:28.710Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100180"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11220",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T04:25:13.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1047 (GCVE-0-2016-1047)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-295"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-295"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-295",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-295"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1047",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4270 (GCVE-0-2016-4270)
Vulnerability from cvelistv5
Published
2016-08-26 19:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92635",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92635"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "92635",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92635"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4269."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92635",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92635"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-493",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4270",
"datePublished": "2016-08-26T19:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11267 (GCVE-0-2017-11267)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 02:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11267",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T02:36:46.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1087 (GCVE-0-2016-1087)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1090 and CVE-2016-4106.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1090 and CVE-2016-4106."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1090 and CVE-2016-4106."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90513"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1087",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1040 (GCVE-0-2016-1040)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1040",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1093 (GCVE-0-2016-1093)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1093",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3011 (GCVE-0-2017-3011)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:18.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97548",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97548",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97548"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3011",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:18.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4196 (GCVE-0-2016-4196)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-416"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-416"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-416",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-416"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4196",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1065 (GCVE-0-2016-1065)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-312"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-312"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-312",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-312"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1065",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11255 (GCVE-0-2017-11255)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 16:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF color map data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF color map data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF color map data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11255",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T16:28:07.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3040 (GCVE-0-2017-3040)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 image compression module. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3040",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1038 (GCVE-0-2016-1038)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-292"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-292"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-292",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-292"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1038",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11234 (GCVE-0-2017-11234)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11234",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T19:11:01.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3022 (GCVE-0-2017-3022)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when parsing the header of a JPEG 2000 file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3022",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11211 (GCVE-0-2017-11211)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 16:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:28.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100180"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11211",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T16:53:41.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11233 (GCVE-0-2017-11233)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 22:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11233",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11233",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T22:29:48.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6946 (GCVE-0-2016-6946)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6946",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4200 (GCVE-0-2016-4200)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.352Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-419"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-419"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-419",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-419"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4200",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3038 (GCVE-0-2017-3038)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-11T19:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3038",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6996 (GCVE-0-2016-6996)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6996",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4266 (GCVE-0-2016-4266)
Vulnerability from cvelistv5
Published
2016-08-26 19:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-489"
},
{
"name": "92636",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92636"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-489"
},
{
"name": "92636",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92636"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-489",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-489"
},
{
"name": "92636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92636"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4266",
"datePublished": "2016-08-26T19:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4269 (GCVE-0-2016-4269)
Vulnerability from cvelistv5
Published
2016-08-26 19:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4270.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92641",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92641"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-491"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4270."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "92641",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92641"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-491"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, and CVE-2016-4270."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92641",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92641"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-491",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-491"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4269",
"datePublished": "2016-08-26T19:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3459 (GCVE-0-2009-3459)
Vulnerability from cvelistv5
Published
2009-10-13 10:00
Modified
2024-08-07 06:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:10.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36983",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36983"
},
{
"name": "oval:org.mitre.oval:def:6534",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6534"
},
{
"name": "TA09-286B",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"name": "1023007",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023007"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name": "20091009 Adobe Acrobat and Acrobat Reader Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/348.html"
},
{
"name": "ADV-2009-2851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2851"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isc.sans.org/diary.html?storyid=7300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html"
},
{
"name": "36600",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36600"
},
{
"name": "ADV-2009-2898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2898"
},
{
"name": "adobe-reader-pdf-code-execution(53691)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53691"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "36983",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36983"
},
{
"name": "oval:org.mitre.oval:def:6534",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6534"
},
{
"name": "TA09-286B",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"name": "1023007",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023007"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name": "20091009 Adobe Acrobat and Acrobat Reader Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/348.html"
},
{
"name": "ADV-2009-2851",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2851"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isc.sans.org/diary.html?storyid=7300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html"
},
{
"name": "36600",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36600"
},
{
"name": "ADV-2009-2898",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2898"
},
{
"name": "adobe-reader-pdf-code-execution(53691)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53691"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2009-3459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36983",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36983"
},
{
"name": "oval:org.mitre.oval:def:6534",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6534"
},
{
"name": "TA09-286B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"name": "1023007",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023007"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name": "20091009 Adobe Acrobat and Acrobat Reader Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/348.html"
},
{
"name": "ADV-2009-2851",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2851"
},
{
"name": "http://isc.sans.org/diary.html?storyid=7300",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.html?storyid=7300"
},
{
"name": "http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html",
"refsource": "CONFIRM",
"url": "http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html"
},
{
"name": "36600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36600"
},
{
"name": "ADV-2009-2898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2898"
},
{
"name": "adobe-reader-pdf-code-execution(53691)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53691"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2009-3459",
"datePublished": "2009-10-13T10:00:00",
"dateReserved": "2009-09-29T00:00:00",
"dateUpdated": "2024-08-07T06:31:10.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6972 (GCVE-0-2016-6972)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6972",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4202 (GCVE-0-2016-4202)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.262Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4202",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.262Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4206 (GCVE-0-2016-4206)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:12.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40100/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40100",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40100/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40100",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40100/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4206",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:12.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11228 (GCVE-0-2017-11228)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 22:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11228",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T22:40:00.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2972 (GCVE-0-2017-2972)
Vulnerability from cvelistv5
Published
2017-01-24 07:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-24T10:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95690"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2972",
"datePublished": "2017-01-24T07:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2957 (GCVE-0-2017-2957)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2957",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4194 (GCVE-0-2016-4194)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.277Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4194",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1046 (GCVE-0-2016-1046)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.535Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-294"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-294"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-294",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-294"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1046",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7012 (GCVE-0-2016-7012)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7012",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4096 (GCVE-0-2016-4096)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4096",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6957 (GCVE-0-2016-6957)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93486"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93486"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6957",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93486"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6957",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3049 (GCVE-0-2017-3049)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal tile manipulation in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97549"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3049",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1070 (GCVE-0-2016-1070)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.622Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-318"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-318"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1070",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-318",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-318"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1070",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6979 (GCVE-0-2016-6979)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6979",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6971 (GCVE-0-2016-6971)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.826Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6971",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1112 (GCVE-0-2016-1112)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90510",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90510"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90510",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90510"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90510",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90510"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1112",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3010 (GCVE-0-2017-3010)
Vulnerability from cvelistv5
Published
2017-03-31 15:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97306",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97306"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-04T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97306",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97306"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97306"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3010",
"datePublished": "2017-03-31T15:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1124 (GCVE-0-2016-1124)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1124",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1130 (GCVE-0-2016-1130)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1130",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4195 (GCVE-0-2016-4195)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4195",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3026 (GCVE-0-2017-3026)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability when manipulating an internal data structure. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3026",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4211 (GCVE-0-2016-4211)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4211",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1056 (GCVE-0-2016-1056)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-304"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-304"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-304",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-304"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1056",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2971 (GCVE-0-2017-2971)
Vulnerability from cvelistv5
Published
2017-01-24 07:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.797Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0259/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-27T20:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0259/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95690"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0259/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0259/"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2971",
"datePublished": "2017-01-24T07:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3123 (GCVE-0-2017-3123)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 16:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data drawing position definition. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data drawing position definition. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data drawing position definition. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3123",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T16:33:24.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1127 (GCVE-0-2016-1127)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1127",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11230 (GCVE-0-2017-11230)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 02:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11230",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11230",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T02:51:37.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6948 (GCVE-0-2016-6948)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6948",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1039 (GCVE-0-2016-1039)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-290"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-290"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-290",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-290"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1039",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4106 (GCVE-0-2016-4106)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-1090.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-1090."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-1090."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90513"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4106",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1059 (GCVE-0-2016-1059)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-307"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-307"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-307",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-307"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1059",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6958 (GCVE-0-2016-6958)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass intended access restrictions via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.771Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93494",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93494"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass intended access restrictions via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93494",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93494"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass intended access restrictions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93494",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93494"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6958",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3047 (GCVE-0-2017-3047)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine's annotation-related API. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine\u0027s annotation-related API. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript engine\u0027s annotation-related API. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3047",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4209 (GCVE-0-2016-4209)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:12.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91711",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91711"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91711",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91711"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91711"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4209",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:12.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11222 (GCVE-0-2017-11222)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11222",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:42:39.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4254 (GCVE-0-2016-4254)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4252.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4252."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4252."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4254",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1123 (GCVE-0-2016-1123)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1123",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1126 (GCVE-0-2016-1126)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1126",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6999 (GCVE-0-2016-6999)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93495"
},
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "93495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93495"
},
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93495"
},
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6999",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11216 (GCVE-0-2017-11216)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 21:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11216",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11216",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T21:02:36.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11259 (GCVE-0-2017-11259)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 18:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11259",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11259",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T18:14:28.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2946 (GCVE-0-2017-2946)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing the segment for storing non-graphic information. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-003"
},
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-004"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing the segment for storing non-graphic information. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-003"
},
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-004"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing the segment for storing non-graphic information. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-003",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-003"
},
{
"name": "95344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-004",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-004"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2946",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2956 (GCVE-0-2017-2956)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2956",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3056 (GCVE-0-2017-3056)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JavaScript engine, related to string manipulation. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3056",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:28.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7853 (GCVE-0-2016-7853)
Vulnerability from cvelistv5
Published
2016-10-21 17:00
Modified
2024-08-06 02:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7854.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.030Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7854."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7853",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7854."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7853",
"datePublished": "2016-10-21T17:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:20.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3018 (GCVE-0-2017-3018)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the renderer functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3018",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7018 (GCVE-0-2016-7018)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7018",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3057 (GCVE-0-2017-3057)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3057",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3021 (GCVE-0-2017-3021)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser engine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3021",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11235 (GCVE-0-2017-11235)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 03:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11235",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T03:27:45.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6939 (GCVE-0-2016-6939)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6994.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6994."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93487"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6994."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93487"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6939",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6967 (GCVE-0-2016-6967)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.785Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6967",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.785Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6963 (GCVE-0-2016-6963)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6963",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6943 (GCVE-0-2016-6943)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6943",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7017 (GCVE-0-2016-7017)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7017",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11251 (GCVE-0-2017-11251)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 03:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 parsing module. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 parsing module. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11251",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the JPEG 2000 parsing module. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11251",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T03:03:14.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1051 (GCVE-0-2016-1051)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "[debian-lts-announce] 20171105 [SECURITY] [DLA 1161-1] redis security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-299"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-02T10:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "[debian-lts-announce] 20171105 [SECURITY] [DLA 1161-1] redis security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-299"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "[debian-lts-announce] 20171105 [SECURITY] [DLA 1161-1] redis security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00004.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-299",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-299"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1051",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4192 (GCVE-0-2016-4192)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4192",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3121 (GCVE-0-2017-3121)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 22:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.218Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100180"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3121",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T22:46:55.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11214 (GCVE-0-2017-11214)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:28.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11214",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T02:27:54.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1090 (GCVE-0-2016-1090)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-4106.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-4106."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90513"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows local users to gain privileges via a Trojan horse resource in an unspecified directory, a different vulnerability than CVE-2016-1087 and CVE-2016-4106."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90513"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1090",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6940 (GCVE-0-2016-6940)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6940",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3045 (GCVE-0-2017-3045)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to the palette box."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3045",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4208 (GCVE-0-2016-4208)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:12.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40098",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40098/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40098",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40098/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40098",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40098/"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4208",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:12.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4215 (GCVE-0-2016-4215)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91712"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91712"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91712"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4215",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1091 (GCVE-0-2016-1091)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1091",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2962 (GCVE-0-2017-2962)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Type Confusion
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95340",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95340"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-026"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Type Confusion",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95340",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95340"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-026"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95340"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-026",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-026"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2962",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7011 (GCVE-0-2016-7011)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7011",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3034 (GCVE-0-2017-3034)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97548",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97548",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97548"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the XML Forms Architecture (XFA) engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97548"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3034",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1128 (GCVE-0-2016-1128)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1128",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4197 (GCVE-0-2016-4197)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-415"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-415"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-415",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-415"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4197",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.424Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11219 (GCVE-0-2017-11219)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:28.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11219",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:38:39.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11221 (GCVE-0-2017-11221)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 20:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Type Confusion
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "100181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Type Confusion",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "100181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "100181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100181"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11221",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T20:43:02.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1089 (GCVE-0-2016-1089)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1089",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7014 (GCVE-0-2016-7014)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7014",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7010 (GCVE-0-2016-7010)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7010",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11226 (GCVE-0-2017-11226)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11226",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T19:10:19.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6965 (GCVE-0-2016-6965)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6965",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4255 (GCVE-0-2016-4255)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91714",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91714"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-420"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91714",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91714"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-420"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91714",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91714"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-420",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-420"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4255",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4119 (GCVE-0-2016-4119)
Vulnerability from cvelistv5
Published
2016-08-26 19:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.fortinet.com/2016/06/06/analysis-of-use-after-free-vulnerability-cve-2016-4119-in-adobe-acrobat-and-reader"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-04T18:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.fortinet.com/2016/06/06/analysis-of-use-after-free-vulnerability-cve-2016-4119-in-adobe-acrobat-and-reader"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.fortinet.com/2016/06/06/analysis-of-use-after-free-vulnerability-cve-2016-4119-in-adobe-acrobat-and-reader",
"refsource": "MISC",
"url": "https://blog.fortinet.com/2016/06/06/analysis-of-use-after-free-vulnerability-cve-2016-4119-in-adobe-acrobat-and-reader"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4119",
"datePublished": "2016-08-26T19:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6968 (GCVE-0-2016-6968)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6968",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11229 (GCVE-0-2017-11229)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 22:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Security Bypass
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF).
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100186",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100186"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100186",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100186"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11229",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100186",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100186"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11229",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T22:45:28.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4098 (GCVE-0-2016-4098)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.974Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4098",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11224 (GCVE-0-2017-11224)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 00:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11224",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T00:55:52.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4201 (GCVE-0-2016-4201)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40101",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40101/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40101",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40101/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40101",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40101/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4201",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11257 (GCVE-0-2017-11257)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 23:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Type Confusion
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "100181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Type Confusion",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "100181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100181"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "100181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100181"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11257",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T23:16:33.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1086 (GCVE-0-2016-1086)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1086",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3016 (GCVE-0-2017-3016)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 16:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.777Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3016",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T16:17:40.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1278 (GCVE-0-2010-1278)
Vulnerability from cvelistv5
Published
2010-04-22 14:00
Modified
2024-08-07 01:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:17.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-077/"
},
{
"name": "oval:org.mitre.oval:def:7500",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7500"
},
{
"name": "20100421 ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510868/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"name": "1023908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023908"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-077/"
},
{
"name": "oval:org.mitre.oval:def:7500",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7500"
},
{
"name": "20100421 ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510868/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"name": "1023908",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023908"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-1278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-077/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-077/"
},
{
"name": "oval:org.mitre.oval:def:7500",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7500"
},
{
"name": "20100421 ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510868/100/0/threaded"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb10-02.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-02.html"
},
{
"name": "1023908",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023908"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2010-1278",
"datePublished": "2010-04-22T14:00:00",
"dateReserved": "2010-04-06T00:00:00",
"dateUpdated": "2024-08-07T01:21:17.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2949 (GCVE-0-2017-2949)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-020"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-006"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-009"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-007"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-029"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-008"
},
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-017"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-028"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-016"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-011"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-019"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-012"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-018"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-020"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-006"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-009"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-007"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-029"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-008"
},
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-017"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-028"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-016"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-011"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-019"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-012"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-018"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2949",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-005",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-005"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-020",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-020"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-006",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-006"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-009",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-009"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-007",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-007"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-029",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-029"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-008",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-008"
},
{
"name": "95344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-017",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-017"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-028",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-028"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-016",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-016"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-011",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-011"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-019",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-019"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-015",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-015"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-012",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-012"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-018",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-018"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-013",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2949",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6955 (GCVE-0-2016-6955)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6955",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2942 (GCVE-0-2017-2942)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when processing TIFF image data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when processing TIFF image data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when processing TIFF image data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2942",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3065 (GCVE-0-2017-3065)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the font manipulation functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3065",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4373 (GCVE-0-2011-4373)
Vulnerability from cvelistv5
Published
2012-01-10 21:00
Modified
2024-08-07 00:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51350",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51350"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "oval:org.mitre.oval:def:14615",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "51350",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51350"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "oval:org.mitre.oval:def:14615",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-4373",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51350"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "oval:org.mitre.oval:def:14615",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615"
},
{
"name": "1026496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-4373",
"datePublished": "2012-01-10T21:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4101 (GCVE-0-2016-4101)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4101",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11246 (GCVE-0-2017-11246)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing JPEG data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing JPEG data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11246",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T19:41:38.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2940 (GCVE-0-2017-2940)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing JPEG 2000 files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2940",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7003 (GCVE-0-2016-7003)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7003",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11252 (GCVE-0-2017-11252)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager (AGM) module. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager (AGM) module. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager (AGM) module. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11252",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T01:46:16.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3023 (GCVE-0-2017-3023)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 code-stream tile functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3023",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6970 (GCVE-0-2016-6970)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6970",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11209 (GCVE-0-2017-11209)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 04:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:28.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11209",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T04:00:22.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6951 (GCVE-0-2016-6951)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6951",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1042 (GCVE-0-2016-1042)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-287"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-287"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-287",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-287"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1042",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2953 (GCVE-0-2017-2953)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when processing a TIFF image. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2953",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3053 (GCVE-0-2017-3053)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3053",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4107 (GCVE-0-2016-4107)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4102.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4102."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4102."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4107",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3031 (GCVE-0-2017-3031)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the XSLT engine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3031",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3124 (GCVE-0-2017-3124)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 02:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3124",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T02:26:24.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1060 (GCVE-0-2016-1060)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-308"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-308"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-308",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-308"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1060",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2958 (GCVE-0-2017-2958)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2958",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3032 (GCVE-0-2017-3032)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 code-stream parser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3032",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2952 (GCVE-0-2017-2952)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Overflow / Underflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95346"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow / Underflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95346"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the image conversion module related to parsing tags in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow / Underflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95346"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2952",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7001 (GCVE-0-2016-7001)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7001",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7001",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6952 (GCVE-0-2016-6952)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6952",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3014 (GCVE-0-2017-3014)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3014",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1078 (GCVE-0-2016-1078)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-325"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-325"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-325",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-325"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1078",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2950 (GCVE-0-2017-2950)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-021"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-021"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-021",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-021"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2950",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6950 (GCVE-0-2016-6950)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6950",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-16042 (GCVE-0-2018-16042)
Vulnerability from cvelistv5
Published
2019-01-18 17:00
Modified
2024-08-05 10:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:10:05.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106159",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106159"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pdf-insecurity.org/signature/evaluation_2018.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://pdf-insecurity.org/signature/signature.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-07T17:53:30",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "106159",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106159"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pdf-insecurity.org/signature/evaluation_2018.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://pdf-insecurity.org/signature/signature.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2018-16042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106159"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb18-41.html"
},
{
"name": "https://pdf-insecurity.org/signature/evaluation_2018.html",
"refsource": "MISC",
"url": "https://pdf-insecurity.org/signature/evaluation_2018.html"
},
{
"name": "https://pdf-insecurity.org/signature/signature.html",
"refsource": "MISC",
"url": "https://pdf-insecurity.org/signature/signature.html"
},
{
"name": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/",
"refsource": "MISC",
"url": "https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2018-16042",
"datePublished": "2019-01-18T17:00:00",
"dateReserved": "2018-08-28T00:00:00",
"dateUpdated": "2024-08-05T10:10:05.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1058 (GCVE-0-2016-1058)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-306"
},
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-306"
},
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-306",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-306"
},
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1058",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4370 (GCVE-0-2011-4370)
Vulnerability from cvelistv5
Published
2012-01-10 21:00
Modified
2024-08-07 00:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "51348",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51348"
},
{
"name": "oval:org.mitre.oval:def:14801",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "51348",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51348"
},
{
"name": "oval:org.mitre.oval:def:14801",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-4370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "51348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51348"
},
{
"name": "oval:org.mitre.oval:def:14801",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801"
},
{
"name": "1026496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-4370",
"datePublished": "2012-01-10T21:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6960 (GCVE-0-2016-6960)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6960",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2960 (GCVE-0-2017-2960)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-024"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-024"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-024",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-024"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2960",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6995 (GCVE-0-2016-6995)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6995",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3039 (GCVE-0-2017-3039)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the PPKLite security handler. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3039",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1066 (GCVE-0-2016-1066)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-313"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-313"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-313",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-313"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1066",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11241 (GCVE-0-2017-11241)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100180"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11241",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:08:51.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3036 (GCVE-0-2017-3036)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in image conversion related to processing of the PCX (picture exchange) file format. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3036",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3048 (GCVE-0-2017-3048)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97549"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3048",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6973 (GCVE-0-2016-6973)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6973",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.747Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3009 (GCVE-0-2017-3009)
Vulnerability from cvelistv5
Published
2017-03-31 15:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97302",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97302"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-04T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97302",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97302"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97302",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97302"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3009",
"datePublished": "2017-03-31T15:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3113 (GCVE-0-2017-3113)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine when creating large strings. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine when creating large strings. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine when creating large strings. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3113",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T19:04:10.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6964 (GCVE-0-2016-6964)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.800Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6964",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11231 (GCVE-0-2017-11231)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 20:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11231",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11231",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T20:32:37.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1062 (GCVE-0-2016-1062)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1117.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-310"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-310"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-310",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-310"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1062",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4088 (GCVE-0-2016-4088)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.833Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4088",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4105 (GCVE-0-2016-4105)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4104.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.962Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4104."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4104."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4105",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6953 (GCVE-0-2016-6953)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6953",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7008 (GCVE-0-2016-7008)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.669Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7008",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1079 (GCVE-0-2016-1079)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-326"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90511",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90511"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-326"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90511",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90511"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1092."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-326",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-326"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90511",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90511"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1079",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2944 (GCVE-0-2017-2944)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when parsing crafted TIFF image files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.768Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when parsing crafted TIFF image files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when parsing crafted TIFF image files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2944",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6945 (GCVE-0-2016-6945)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.783Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6945",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4093 (GCVE-0-2016-4093)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4093",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4207 (GCVE-0-2016-4207)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:12.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40099",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40099/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40099",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40099/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "40099",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40099/"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4207",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:12.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1054 (GCVE-0-2016-1054)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-302"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-302"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-302",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-302"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1054",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7009 (GCVE-0-2016-7009)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7009",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6944 (GCVE-0-2016-6944)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6944",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6944",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7002 (GCVE-0-2016-7002)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7002",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1071 (GCVE-0-2016-1071)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-319"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-319"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-319",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-319"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1071",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3117 (GCVE-0-2017-3117)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100180",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100180"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3117",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T19:10:03.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4191 (GCVE-0-2016-4191)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4191",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4191",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4094 (GCVE-0-2016-4094)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4094",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3035 (GCVE-0-2017-3035)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XML Forms Architecture (XFA) engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3035",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1041 (GCVE-0-2016-1041)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.812Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-288"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-288"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-288",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-288"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1041",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1053 (GCVE-0-2016-1053)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-301"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-301"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-301",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-301"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1053",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3055 (GCVE-0-2017-3055)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in JPEG 2000 parsing of the fragment list tag. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97549"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3055",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6969 (GCVE-0-2016-6969)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6969",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4214 (GCVE-0-2016-4214)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4214",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4193 (GCVE-0-2016-4193)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4193",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4193",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4099 (GCVE-0-2016-4099)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4099",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11263 (GCVE-0-2017-11263)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 03:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal data structure manipulation related to document encoding. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal data structure manipulation related to document encoding. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal data structure manipulation related to document encoding. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11263",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T03:47:52.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7852 (GCVE-0-2016-7852)
Vulnerability from cvelistv5
Published
2016-10-21 17:00
Modified
2024-08-06 02:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7853, and CVE-2016-7854.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7853, and CVE-2016-7854."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7853, and CVE-2016-7854."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7852",
"datePublished": "2016-10-21T17:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:20.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11256 (GCVE-0-2017-11256)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.093Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11256",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:14:10.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3012 (GCVE-0-2017-3012)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insecure Library Loading (DLL hijacking)
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97547",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure Library Loading (DLL hijacking)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97547",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure Library Loading (DLL hijacking)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97547"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3012",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11258 (GCVE-0-2017-11258)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 20:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11258",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T20:31:35.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2970 (GCVE-0-2017-2970)
Vulnerability from cvelistv5
Published
2017-01-24 07:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-24T10:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95690"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95690"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2970",
"datePublished": "2017-01-24T07:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11249 (GCVE-0-2017-11249)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 01:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11249",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T01:47:01.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3120 (GCVE-0-2017-3120)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 16:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3120",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T16:32:29.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6956 (GCVE-0-2016-6956)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6956",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3118 (GCVE-0-2017-3118)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 22:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Security Bypass
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100189"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100189"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100189"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3118",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T22:36:13.682Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4252 (GCVE-0-2016-4252)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.107Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4252",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2959 (GCVE-0-2017-2959)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-023"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-023"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-023",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-023"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2959",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1080 (GCVE-0-2016-1080)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-327",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-327"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1080",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11262 (GCVE-0-2017-11262)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11262",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:43:36.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1083 (GCVE-0-2016-1083)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1083",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2965 (GCVE-0-2017-2965)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-010"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-010",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-010"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2965",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6966 (GCVE-0-2016-6966)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6966",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4371 (GCVE-0-2011-4371)
Vulnerability from cvelistv5
Published
2012-01-10 21:00
Modified
2024-08-07 00:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "51351",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51351"
},
{
"name": "oval:org.mitre.oval:def:14809",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "51351",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51351"
},
{
"name": "oval:org.mitre.oval:def:14809",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-4371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "51351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51351"
},
{
"name": "oval:org.mitre.oval:def:14809",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809"
},
{
"name": "1026496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-4371",
"datePublished": "2012-01-10T21:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6976 (GCVE-0-2016-6976)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6976",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6976",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11223 (GCVE-0-2017-11223)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 21:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11223",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T21:03:35.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4100 (GCVE-0-2016-4100)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4100",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7005 (GCVE-0-2016-7005)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7005",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1037 (GCVE-0-2016-1037)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.614Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1037",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.614Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4250 (GCVE-0-2016-4250)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4250",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3122 (GCVE-0-2017-3122)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.113Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3122",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3122",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T22:55:53.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3043 (GCVE-0-2017-3043)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the collaboration functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3043",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3017 (GCVE-0-2017-3017)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3017",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when handling a malformed PDF file. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3017",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7016 (GCVE-0-2016-7016)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7016",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1122 (GCVE-0-2016-1122)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1122",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1122",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6978 (GCVE-0-2016-6978)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6978",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6941 (GCVE-0-2016-6941)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6941",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11270 (GCVE-0-2017-11270)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11270",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T19:46:29.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3042 (GCVE-0-2017-3042)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97549"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97549"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3042",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3020 (GCVE-0-2017-3020)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the weblink module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3020",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3044 (GCVE-0-2017-3044)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JPEG 2000 engine, related to image scaling. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3044",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6997 (GCVE-0-2016-6997)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6997",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4210 (GCVE-0-2016-4210)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "91710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4210",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.013Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11232 (GCVE-0-2017-11232)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100185",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100185",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100185",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11232",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T19:40:34.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11212 (GCVE-0-2017-11212)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 20:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11212",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T20:27:39.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1084 (GCVE-0-2016-1084)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.751Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1084",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4090 (GCVE-0-2016-4090)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4090",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1057 (GCVE-0-2016-1057)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-305"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-305"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-305",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-305"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1057",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7854 (GCVE-0-2016-7854)
Vulnerability from cvelistv5
Published
2016-10-21 17:00
Modified
2024-08-06 02:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7853.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7853."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, CVE-2016-7019, CVE-2016-7852, and CVE-2016-7853."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7854",
"datePublished": "2016-10-21T17:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:20.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3027 (GCVE-0-2017-3027)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.280Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the XFA module, related to the choiceList element. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97550"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3027",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.280Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3013 (GCVE-0-2017-3013)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insecure Library Loading (DLL hijacking)
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97547",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure Library Loading (DLL hijacking)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97547",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97547"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure Library Loading (DLL hijacking)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97547"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3013",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6975 (GCVE-0-2016-6975)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.145Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6975",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6975",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11218 (GCVE-0-2017-11218)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11218",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:38:28.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4204 (GCVE-0-2016-4204)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40096",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40096/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40096",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40096/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "40096",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40096/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4204",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4372 (GCVE-0-2011-4372)
Vulnerability from cvelistv5
Published
2012-01-10 21:00
Modified
2024-08-07 00:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51349",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51349"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "oval:org.mitre.oval:def:14857",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "51349",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51349"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "oval:org.mitre.oval:def:14857",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857"
},
{
"name": "1026496",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-4372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51349"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb12-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb12-01.html"
},
{
"name": "oval:org.mitre.oval:def:14857",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857"
},
{
"name": "1026496",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-4372",
"datePublished": "2012-01-10T21:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1088 (GCVE-0-2016-1088)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1088",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4268 (GCVE-0-2016-4268)
Vulnerability from cvelistv5
Published
2016-08-26 19:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, and CVE-2016-4270.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-492"
},
{
"name": "92643",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, and CVE-2016-4270."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-492"
},
{
"name": "92643",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, and CVE-2016-4270."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-492",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-492"
},
{
"name": "92643",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4268",
"datePublished": "2016-08-26T19:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11227 (GCVE-0-2017-11227)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 23:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11227",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T23:45:38.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6937 (GCVE-0-2016-6937)
Vulnerability from cvelistv5
Published
2016-09-17 01:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-574"
},
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "93014",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-574"
},
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "93014",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-574",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-574"
},
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "93014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6937",
"datePublished": "2016-09-17T01:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11271 (GCVE-0-2017-11271)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 18:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11271",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T18:24:09.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11244 (GCVE-0-2017-11244)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 02:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11244",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T02:37:21.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1117 (GCVE-0-2016-1117)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1062.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.613Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-285"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1062."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-285"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, and CVE-2016-1062."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-285",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-285"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1117",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3052 (GCVE-0-2017-3052)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3052",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1061 (GCVE-0-2016-1061)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-309"
},
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-309"
},
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-309",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-309"
},
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1061",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4199 (GCVE-0-2016-4199)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-417"
},
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-417"
},
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-417",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-417"
},
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4199",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1045 (GCVE-0-2016-1045)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-293"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-293"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-293",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-293"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1045",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6988 (GCVE-0-2016-6988)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6988",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6988",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4095 (GCVE-0-2016-4095)
Vulnerability from cvelistv5
Published
2016-11-10 16:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- memory corruption
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Reader and Acrobat before 11.0.18 |
Version: Adobe Reader and Acrobat before 11.0.18 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.815Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "94253",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94253"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Reader and Acrobat before 11.0.18",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Reader and Acrobat before 11.0.18"
}
]
}
],
"datePublic": "2016-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "94253",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94253"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Reader and Acrobat before 11.0.18",
"version": {
"version_data": [
{
"version_value": "Adobe Reader and Acrobat before 11.0.18"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "memory corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "94253",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94253"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4095",
"datePublished": "2016-11-10T16:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11217 (GCVE-0-2017-11217)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 18:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11217",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T18:29:39.007Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1068 (GCVE-0-2016-1068)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-316"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-316"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-316",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-316"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1068",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2967 (GCVE-0-2017-2967)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form's structure and organization. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-031"
},
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form\u0027s structure and organization. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-031"
},
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form\u0027s structure and organization. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-031",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-031"
},
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2967",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11238 (GCVE-0-2017-11238)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 00:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11238",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11238",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T00:55:50.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11268 (GCVE-0-2017-11268)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 18:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11268",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T18:43:54.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2943 (GCVE-0-2017-2943)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2943",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2941 (GCVE-0-2017-2941)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.769Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-002"
},
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-002"
},
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-002",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-002"
},
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2941",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1118 (GCVE-0-2016-1118)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1118",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1129 (GCVE-0-2016-1129)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1129",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4103 (GCVE-0-2016-4103)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4103",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11210 (GCVE-0-2017-11210)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 18:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:28.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11210",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T18:40:00.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1116 (GCVE-0-2016-1116)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.029Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1116",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3025 (GCVE-0-2017-3025)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability related to internal object representation manipulation. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3025",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1048 (GCVE-0-2016-1048)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-296"
},
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-296"
},
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-296",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-296"
},
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1048",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4092 (GCVE-0-2016-4092)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90508",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90508",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90508",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90508"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4092",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7019 (GCVE-0-2016-7019)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7018.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7018."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, and CVE-2016-7018."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7019",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1069 (GCVE-0-2016-1069)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-317"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-317"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1069",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-317",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-317"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1069",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2964 (GCVE-0-2017-2964)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-014"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-014"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to the parsing of JPEG EXIF metadata. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-17-014",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-17-014"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2964",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2945 (GCVE-0-2017-2945)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Overflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95344"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2945",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11261 (GCVE-0-2017-11261)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 20:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11261",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T20:12:15.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6949 (GCVE-0-2016-6949)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.754Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20161011 Adobe Reader FlatDecode Stream Processing UAF Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1230"
},
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "20161011 Adobe Reader FlatDecode Stream Processing UAF Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1230"
},
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6949",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20161011 Adobe Reader FlatDecode Stream Processing UAF Vulnerability",
"refsource": "IDEFENSE",
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1230"
},
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6949",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.754Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4102 (GCVE-0-2016-4102)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4107.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4102",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.820Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1119 (GCVE-0-2016-1119)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.994Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1119",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.994Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11242 (GCVE-0-2017-11242)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-08-05 18:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to line segments. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to line segments. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-11242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to line segments. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11242",
"datePublished": "2017-08-11T19:00:00",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-08-05T18:05:29.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11265 (GCVE-0-2017-11265)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.257Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11265",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:14:55.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6961 (GCVE-0-2016-6961)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6961",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11245 (GCVE-0-2017-11245)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 03:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11245",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11245",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T03:33:15.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2948 (GCVE-0-2017-2948)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Buffer Overflow / Underflow
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95346"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow / Underflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95346"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow / Underflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95346"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2948",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1049 (GCVE-0-2016-1049)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.595Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-297"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-297"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1049",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-297",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-297"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1049",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11236 (GCVE-0-2017-11236)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 23:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal handling of UTF-16 literal strings. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal handling of UTF-16 literal strings. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal handling of UTF-16 literal strings. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11236",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T23:52:09.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11260 (GCVE-0-2017-11260)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 03:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11260",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T03:29:01.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4097 (GCVE-0-2016-4097)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4097",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1064 (GCVE-0-2016-1064)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1064",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7006 (GCVE-0-2016-7006)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7006",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1044 (GCVE-0-2016-1044)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062, and CVE-2016-1117.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.575Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-291"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062, and CVE-2016-1117."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-291"
},
{
"name": "90517",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90517"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-291",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-291"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1044",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.575Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7004 (GCVE-0-2016-7004)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7004",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.437Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1050 (GCVE-0-2016-1050)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-298"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-298"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-298",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-298"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1050",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1052 (GCVE-0-2016-1052)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-300"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-300"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1052",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-300",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-300"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1052",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3046 (GCVE-0-2017-3046)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3046",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3046",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1062 (GCVE-0-2009-1062)
Vulnerability from cvelistv5
Published
2009-03-25 01:00
Modified
2024-08-07 04:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "34229",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34229"
},
{
"name": "34490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34490"
},
{
"name": "1021892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021892"
},
{
"name": "RHSA-2009:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"name": "34392",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09001.html"
},
{
"name": "SUSE-SA:2009:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "34706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34706"
},
{
"name": "256788",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "GLSA-200904-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "ADV-2009-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34790",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "34229",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34229"
},
{
"name": "34490",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34490"
},
{
"name": "1021892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021892"
},
{
"name": "RHSA-2009:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"name": "34392",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09001.html"
},
{
"name": "SUSE-SA:2009:014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "34706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34706"
},
{
"name": "256788",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "GLSA-200904-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "SUSE-SR:2009:009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "ADV-2009-1019",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34790",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34790"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-04.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-04.html"
},
{
"name": "34229",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34229"
},
{
"name": "34490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34490"
},
{
"name": "1021892",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021892"
},
{
"name": "RHSA-2009:0376",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0376.html"
},
{
"name": "34392",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34392"
},
{
"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09001.html",
"refsource": "MISC",
"url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09001.html"
},
{
"name": "SUSE-SA:2009:014",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html"
},
{
"name": "34706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34706"
},
{
"name": "256788",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1"
},
{
"name": "GLSA-200904-17",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200904-17.xml"
},
{
"name": "SUSE-SR:2009:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html"
},
{
"name": "ADV-2009-1019",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1019"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1062",
"datePublished": "2009-03-25T01:00:00",
"dateReserved": "2009-03-24T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3015 (GCVE-0-2017-3015)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the JBIG2 parsing functionality. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3015",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1077 (GCVE-0-2016-1077)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://0patch.blogspot.com/2016/06/writing-0patch-for-acrobat-readers-use.html"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/137035/Adobe-Reader-DC-15.010.20060-Memory-Corruption.html"
},
{
"name": "39799",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39799/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-06T09:57:02",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://0patch.blogspot.com/2016/06/writing-0patch-for-acrobat-readers-use.html"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/137035/Adobe-Reader-DC-15.010.20060-Memory-Corruption.html"
},
{
"name": "39799",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39799/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1077",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://0patch.blogspot.com/2016/06/writing-0patch-for-acrobat-readers-use.html",
"refsource": "MISC",
"url": "https://0patch.blogspot.com/2016/06/writing-0patch-for-acrobat-readers-use.html"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://packetstormsecurity.com/files/137035/Adobe-Reader-DC-15.010.20060-Memory-Corruption.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137035/Adobe-Reader-DC-15.010.20060-Memory-Corruption.html"
},
{
"name": "39799",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39799/"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1077",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6994 (GCVE-0-2016-6994)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6939.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93487",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93487"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6939."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93487",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93487"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6939."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93487"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6994",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11237 (GCVE-0-2017-11237)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing module. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing module. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing module. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11237",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-17T01:36:30.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6942 (GCVE-0-2016-6942)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6942",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3119 (GCVE-0-2017-3119)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 01:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.207Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3119",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T01:10:59.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4374 (GCVE-0-2011-4374)
Vulnerability from cvelistv5
Published
2012-01-19 19:00
Modified
2024-08-07 00:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"name": "oval:org.mitre.oval:def:14812",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14812"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"name": "oval:org.mitre.oval:def:14812",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14812"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-4374",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-24.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"name": "oval:org.mitre.oval:def:14812",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14812"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-4374",
"datePublished": "2012-01-19T19:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2954 (GCVE-0-2017-2954)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "95345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95345"
},
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2954",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11269 (GCVE-0-2017-11269)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 16:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
},
{
"name": "100179",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11269",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T16:22:30.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6998 (GCVE-0-2016-6998)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6998",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1081 (GCVE-0-2016-1081)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1081",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3029 (GCVE-0-2017-3029)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.288Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling a JPEG 2000 code-stream."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3029",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6993 (GCVE-0-2016-6993)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6988.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6988."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, and CVE-2016-6988."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6993",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1043 (GCVE-0-2016-1043)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-286"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90516",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90516"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-286"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90516",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90516"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-286",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-286"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90516",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90516"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1043",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3054 (GCVE-0-2017-3054)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3054",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1074 (GCVE-0-2016-1074)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-322"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-322"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-322",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-322"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1074",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4212 (GCVE-0-2016-4212)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4212",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3019 (GCVE-0-2017-3019)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:18.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) format parser. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3019",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:18.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7000 (GCVE-0-2016-7000)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-7000",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-7000",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1055 (GCVE-0-2016-1055)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-303"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "90512",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90512"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-303"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-303",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-303"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1055",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3033 (GCVE-0-2017-3033)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "97554",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97554"
},
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3033",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:27.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2955 (GCVE-0-2017-2955)
Vulnerability from cvelistv5
Published
2017-01-11 04:40
Modified
2024-08-05 14:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use After Free
Summary
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
Version: Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:09:17.781Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
],
"datePublic": "2017-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-12T22:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1037574",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037574"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-2955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037574",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037574"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-01.html"
},
{
"name": "95343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-2955",
"datePublished": "2017-01-11T04:40:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:09:17.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4265 (GCVE-0-2016-4265)
Vulnerability from cvelistv5
Published
2016-08-26 19:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92640",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92640"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-488"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "92640",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92640"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-488"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4266, CVE-2016-4267, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92640",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92640"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-488",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-488"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4265",
"datePublished": "2016-08-26T19:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3115 (GCVE-0-2017-3115)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-17 02:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Disclosure
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:27.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100187",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100187"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100187",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100187"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-3115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100187"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3115",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T02:01:04.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1092 (GCVE-0-2016-1092)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:12.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90511",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90511"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90511",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90511"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors, a different vulnerability than CVE-2016-1079."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90511",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90511"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1092",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:12.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6974 (GCVE-0-2016-6974)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6974",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.074Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4089 (GCVE-0-2016-4089)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.970Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4089",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.970Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4267 (GCVE-0-2016-4267)
Vulnerability from cvelistv5
Published
2016-08-26 19:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:14.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-490"
},
{
"name": "92637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92637"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-490"
},
{
"name": "92637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92637"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4267",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4268, CVE-2016-4269, and CVE-2016-4270."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-490",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-490"
},
{
"name": "92637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92637"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4267",
"datePublished": "2016-08-26T19:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:14.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4205 (GCVE-0-2016-4205)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:31.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40095",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40095/"
},
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "40095",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40095/"
},
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40095",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40095/"
},
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4205",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:31.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1120 (GCVE-0-2016-1120)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:48:13.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1120",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:48:13.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11239 (GCVE-0-2017-11239)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 18:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11239",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T18:14:16.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6947 (GCVE-0-2016-6947)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6947",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6947",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11248 (GCVE-0-2017-11248)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 19:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to pixel block transfer. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:29.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to pixel block transfer. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to pixel block transfer. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11248",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T19:14:54.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1072 (GCVE-0-2016-1072)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-320"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-320"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-320",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-320"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1072",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6962 (GCVE-0-2016-6962)
Vulnerability from cvelistv5
Published
2016-10-13 19:00
Modified
2024-08-06 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:43:38.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-29T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1036986",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93491"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93491"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-6962",
"datePublished": "2016-10-13T19:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:43:38.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4251 (GCVE-0-2016-4251)
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-06 00:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4252, and CVE-2016-4254.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:25:13.834Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-421"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4252, and CVE-2016-4254."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "91716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036281"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-421"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4251",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-421",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-421"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4251",
"datePublished": "2016-07-13T01:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:25:13.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-11243 (GCVE-0-2017-11243)
Vulnerability from cvelistv5
Published
2017-08-11 19:00
Modified
2024-09-16 17:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Adobe Systems Incorporated | Acrobat Reader |
Version: 2017.009.20058 and earlier Version: 2017.008.30051 and earlier Version: 2015.006.30306 and earlier Version: 11.0.20 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:05:30.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Acrobat Reader",
"vendor": "Adobe Systems Incorporated",
"versions": [
{
"status": "affected",
"version": "2017.009.20058 and earlier"
},
{
"status": "affected",
"version": "2017.008.30051 and earlier"
},
{
"status": "affected",
"version": "2015.006.30306 and earlier"
},
{
"status": "affected",
"version": "11.0.20 and earlier"
}
]
}
],
"datePublic": "2017-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-12T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "100184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039098"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"DATE_PUBLIC": "2017-08-08T00:00:00",
"ID": "CVE-2017-11243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Acrobat Reader",
"version": {
"version_data": [
{
"version_value": "2017.009.20058 and earlier"
},
{
"version_value": "2017.008.30051 and earlier"
},
{
"version_value": "2015.006.30306 and earlier"
},
{
"version_value": "11.0.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Adobe Systems Incorporated"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100184"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html"
},
{
"name": "1039098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039098"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-11243",
"datePublished": "2017-08-11T19:00:00Z",
"dateReserved": "2017-07-13T00:00:00",
"dateUpdated": "2024-09-16T17:27:37.369Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1063 (GCVE-0-2016-1063)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-311"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-311"
},
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1063",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-311",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-311"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1063",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.624Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1082 (GCVE-0-2016-1082)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-05 22:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1082",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2015-12-22T00:00:00",
"dateUpdated": "2024-08-05T22:38:41.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4104 (GCVE-0-2016-4104)
Vulnerability from cvelistv5
Published
2016-05-11 10:00
Modified
2024-08-06 00:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4105.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:17:30.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4105."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1035828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-4104",
"datePublished": "2016-05-11T10:00:00",
"dateReserved": "2016-04-27T00:00:00",
"dateUpdated": "2024-08-06T00:17:30.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3041 (GCVE-0-2017-3041)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing font data in the MakeAccessible plugin. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3041",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.334Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3030 (GCVE-0-2017-3030)
Vulnerability from cvelistv5
Published
2017-04-12 14:00
Modified
2024-08-05 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corruption
Summary
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
Version: Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:26.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
],
"datePublic": "2017-04-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corruption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T09:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "1038228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97556"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.",
"version": {
"version_data": [
{
"version_value": "Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the AES module. Successful exploitation could lead to arbitrary code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038228",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038228"
},
{
"name": "97556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97556"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-11.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2017-3030",
"datePublished": "2017-04-12T14:00:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-05T14:16:26.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1493 (GCVE-0-2009-1493)
Vulnerability from cvelistv5
Published
2009-04-30 20:00
Modified
2024-08-07 05:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34740",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34740"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=926953"
},
{
"name": "35734",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35734"
},
{
"name": "TA09-133B",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133B.html"
},
{
"name": "8570",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/8570"
},
{
"name": "ADV-2009-1189",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1189"
},
{
"name": "reader-spellcustom-code-execution(50146)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50146"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-06.html"
},
{
"name": "SUSE-SR:2009:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt"
},
{
"name": "54129",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54129"
},
{
"name": "GLSA-200907-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200907-06.xml"
},
{
"name": "259028",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1"
},
{
"name": "SUSE-SA:2009:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html"
},
{
"name": "34924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34924"
},
{
"name": "ADV-2009-1317",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1317"
},
{
"name": "1022139",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022139"
},
{
"name": "35358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35358"
},
{
"name": "35055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35055"
},
{
"name": "VU#970180",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/970180"
},
{
"name": "35416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35416"
},
{
"name": "RHSA-2009:0478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0478.html"
},
{
"name": "35096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35096"
},
{
"name": "35152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34740",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34740"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=926953"
},
{
"name": "35734",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35734"
},
{
"name": "TA09-133B",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133B.html"
},
{
"name": "8570",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/8570"
},
{
"name": "ADV-2009-1189",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1189"
},
{
"name": "reader-spellcustom-code-execution(50146)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50146"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb09-06.html"
},
{
"name": "SUSE-SR:2009:011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt"
},
{
"name": "54129",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54129"
},
{
"name": "GLSA-200907-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200907-06.xml"
},
{
"name": "259028",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1"
},
{
"name": "SUSE-SA:2009:027",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html"
},
{
"name": "34924",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34924"
},
{
"name": "ADV-2009-1317",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1317"
},
{
"name": "1022139",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022139"
},
{
"name": "35358",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35358"
},
{
"name": "35055",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35055"
},
{
"name": "VU#970180",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/970180"
},
{
"name": "35416",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35416"
},
{
"name": "RHSA-2009:0478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0478.html"
},
{
"name": "35096",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35096"
},
{
"name": "35152",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35152"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34740",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34740"
},
{
"name": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html",
"refsource": "CONFIRM",
"url": "http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=926953",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026id=926953"
},
{
"name": "35734",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35734"
},
{
"name": "TA09-133B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133B.html"
},
{
"name": "8570",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8570"
},
{
"name": "ADV-2009-1189",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1189"
},
{
"name": "reader-spellcustom-code-execution(50146)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50146"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb09-06.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-06.html"
},
{
"name": "SUSE-SR:2009:011",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html"
},
{
"name": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html",
"refsource": "MISC",
"url": "http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html"
},
{
"name": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt",
"refsource": "MISC",
"url": "http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt"
},
{
"name": "54129",
"refsource": "OSVDB",
"url": "http://osvdb.org/54129"
},
{
"name": "GLSA-200907-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200907-06.xml"
},
{
"name": "259028",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259028-1"
},
{
"name": "SUSE-SA:2009:027",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html"
},
{
"name": "34924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34924"
},
{
"name": "ADV-2009-1317",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1317"
},
{
"name": "1022139",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022139"
},
{
"name": "35358",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35358"
},
{
"name": "35055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35055"
},
{
"name": "VU#970180",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/970180"
},
{
"name": "35416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35416"
},
{
"name": "RHSA-2009:0478",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-0478.html"
},
{
"name": "35096",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35096"
},
{
"name": "35152",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35152"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1493",
"datePublished": "2009-04-30T20:00:00",
"dateReserved": "2009-04-30T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}