Adobe Acrobat Reader up to 11.0.17/15.006.30201/15.017.20053 memory corruption

A vulnerability, which was classified as critical, was found in Adobe Acrobat Reader up to 11.0.17/15.006.30201/15.017.20053 (Document Reader Software). Affected is some unknown functionality. Upgrading to version 11.0.18, 15.006.30243 or 15.020.20039 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field04/07/2017 11:07 AM09/23/2022 03:01 PM09/23/2022 03:02 PM
typeDocument Reader SoftwareDocument Reader SoftwareDocument Reader Software
vendorAdobeAdobeAdobe
nameAcrobat ReaderAcrobat ReaderAcrobat Reader
version<=11.0.17/15.006.30201/15.017.20053<=11.0.17/15.006.30201/15.017.20053<=11.0.17/15.006.30201/15.017.20053
cwe119 (memory corruption)119 (memory corruption)119 (memory corruption)
risk222
historic000
cvss2_vuldb_basescore6.86.86.8
cvss2_vuldb_tempscore5.95.95.9
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciPPP
cvss2_vuldb_iiPPP
cvss2_vuldb_aiPPP
cvss2_nvd_avNNN
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciCCC
cvss2_nvd_iiCCC
cvss2_nvd_aiCCC
cvss3_meta_basescore8.08.08.0
cvss3_meta_tempscore7.77.97.9
cvss3_vuldb_basescore6.36.36.3
cvss3_vuldb_tempscore6.06.06.0
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiRRR
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iLLL
cvss3_vuldb_aLLL
date1475712000 (10/06/2016)1475712000 (10/06/2016)1475712000 (10/06/2016)
locationWebsiteWebsiteWebsite
typeSecurity BulletinSecurity BulletinSecurity Bulletin
urlhttps://helpx.adobe.com/security/products/acrobat/apsb16-33.htmlhttps://helpx.adobe.com/security/products/acrobat/apsb16-33.htmlhttps://helpx.adobe.com/security/products/acrobat/apsb16-33.html
identifierAPSB16-33APSB16-33APSB16-33
disputed000
freeformdeDas Hersteller-Advisory zeigt auf, dass es eigentlich am 06. Oktober 2016 veröffentlicht wurde. Es macht aber den Anschein, dass dies erst im Zuge des 11. Oktober 2016 geschehen ist.Das Hersteller-Advisory zeigt auf, dass es eigentlich am 06. Oktober 2016 veröffentlicht wurde. Es macht aber den Anschein, dass dies erst im Zuge des 11. Oktober 2016 geschehen ist.Das Hersteller-Advisory zeigt auf, dass es eigentlich am 06. Oktober 2016 veröffentlicht wurde. Es macht aber den Anschein, dass dies erst im Zuge des 11. Oktober 2016 geschehen ist.
freeformenThe vendor advisory states that the initial disclosure was October 6, 2016. But it appears that the advisory got released on October 11, 2016 to the public.The vendor advisory states that the initial disclosure was October 6, 2016. But it appears that the advisory got released on October 11, 2016 to the public.The vendor advisory states that the initial disclosure was October 6, 2016. But it appears that the advisory got released on October 11, 2016 to the public.
price_0day$25k-$100k$25k-$100k$25k-$100k
nameUpgradeUpgradeUpgrade
date1475712000 (10/06/2016)1475712000 (10/06/2016)1475712000 (10/06/2016)
upgrade_version11.0.18/15.006.30243/15.020.2003911.0.18/15.006.30243/15.020.2003911.0.18/15.006.30243/15.020.20039
cveCVE-2016-6943CVE-2016-6943CVE-2016-6943
cve_nvd_published147631680014763168001476316800
securityfocus_titleAdobe Acrobat and Reader APSB16-33 Multiple Memory Corruption VulnerabilitiesAdobe Acrobat and Reader APSB16-33 Multiple Memory Corruption VulnerabilitiesAdobe Acrobat and Reader APSB16-33 Multiple Memory Corruption Vulnerabilities
sectracker103698610369861036986
sectracker_date1476144000 (10/11/2016)1476144000 (10/11/2016)1476144000 (10/11/2016)
sectracker_titleAdobe Acrobat/Reader Multiple Flaws Let Remote Users Bypass Security Restrictions and Execute Arbitrary CodeAdobe Acrobat/Reader Multiple Flaws Let Remote Users Bypass Security Restrictions and Execute Arbitrary CodeAdobe Acrobat/Reader Multiple Flaws Let Remote Users Bypass Security Restrictions and Execute Arbitrary Code
sectracker_causeAccess control errorAccess control errorAccess control error
nessus_id940749407494074
nessus_nameAdobe Reader < 11.0.18 / 15.006.30243 / 15.020.20039 Multiple Vulnerabilities (APSB16-33) (macOS)Adobe Reader < 11.0.18 / 15.006.30243 / 15.020.20039 Multiple Vulnerabilities (APSB16-33) (macOS)Adobe Reader < 11.0.18 / 15.006.30243 / 15.020.20039 Multiple Vulnerabilities (APSB16-33) (macOS)
nessus_filenamemacosx_adobe_reader_apsb16-33.naslmacosx_adobe_reader_apsb16-33.naslmacosx_adobe_reader_apsb16-33.nasl
nessus_familyMacOS X Local Security ChecksMacOS X Local Security ChecksMacOS X Local Security Checks
openvas_id861284861284861284
openvas_filenamegb_adobe_acrobat_apsb16-33_macosx.naslgb_adobe_acrobat_apsb16-33_macosx.naslgb_adobe_acrobat_apsb16-33_macosx.nasl
openvas_titleAdobe Acrobat Security Updates(apsb16-33)-MAC OS XAdobe Acrobat Security Updates(apsb16-33)-MAC OS XAdobe Acrobat Security Updates(apsb16-33)-MAC OS X
openvas_familyGeneralGeneralGeneral
qualys_id370154370154370154
qualys_titleAdobe Reader and Acrobat Multiple Vulnerabilities (APSB16-33)Adobe Reader and Acrobat Multiple Vulnerabilities (APSB16-33)Adobe Reader and Acrobat Multiple Vulnerabilities (APSB16-33)
seealso92615 92616 92617 92618 92619 92620 92621 92622 92623 92624 92625 92626 92627 92628 92629 92630 92631 92632 92633 92634 92635 92636 92637 92638 92639 92641 92642 92643 92644 9264592615 92616 92617 92618 92619 92620 92621 92622 92623 92624 92625 92626 92627 92628 92629 92630 92631 92632 92633 92634 92635 92636 92637 92638 92639 92641 92642 92643 92644 9264592615 92616 92617 92618 92619 92620 92621 92622 92623 92624 92625 92626 92627 92628 92629 92630 92631 92632 92633 92634 92635 92636 92637 92638 92639 92641 92642 92643 92644 92645
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_rcCCC
cvss3_vuldb_eXXX
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
cvss3_nvd_basescore9.89.89.8
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cHHH
cvss3_nvd_iHHH
cvss3_nvd_aHHH
person_nameSebastian ApeltSebastian ApeltSebastian Apelt
company_nameFortinet's FortiGuard LabsFortinet's FortiGuard LabsFortinet's FortiGuard Labs
confirm_urlhttps://helpx.adobe.com/security/products/acrobat/apsb16-33.htmlhttps://helpx.adobe.com/security/products/acrobat/apsb16-33.htmlhttps://helpx.adobe.com/security/products/acrobat/apsb16-33.html
cve_assigned1471910400 (08/23/2016)1471910400 (08/23/2016)1471910400 (08/23/2016)
securityfocus934969349693496
securityfocus_date1476144000 (10/11/2016)1476144000 (10/11/2016)1476144000 (10/11/2016)
securityfocus_classInput Validation ErrorInput Validation ErrorInput Validation Error
cve_nvd_summaryAdobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019.
cvss2_nvd_basescore10.010.0
nessus_riskCritical

Might our Artificial Intelligence support you?

Check our Alexa App!