CVE-2016-1007
Adobe Reader DC Uninitialized Memory Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009.
Adobe Reader y Acrobat en versiones anteriores a 11.0.15, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30121, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.010.20060 on Windows y OS X permiten a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-1009.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of annotation gestures. The issue lies in the failure to properly initialize the gestures property prior to using it, leading to memory corruption. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-12-22 CVE Reserved
- 2016-03-08 CVE Published
- 2024-08-05 CVE Updated
- 2024-11-14 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/84215 | Vdb Entry | |
| http://www.securitytracker.com/id/1035199 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-16-189 | X_refsource_misc |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb16-09.html | 2016-12-03 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 11.0.14 Search vendor "Adobe" for product "Acrobat" and version " <= 11.0.14" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 11.0.14 Search vendor "Adobe" for product "Acrobat" and version " <= 11.0.14" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.006.30119 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.006.30119" | classic |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.006.30119 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.006.30119" | classic |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.010.20059 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.010.20059" | continuous |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.010.20059 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.010.20059" | continuous |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | <= 11.0.14 Search vendor "Adobe" for product "Acrobat Reader" and version " <= 11.0.14" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | <= 11.0.14 Search vendor "Adobe" for product "Acrobat Reader" and version " <= 11.0.14" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.006.30119 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.006.30119" | classic |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.006.30119 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.006.30119" | classic |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.010.20059 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.010.20059" | continuous |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.010.20059 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.010.20059" | continuous |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|