CVE-2016-4208
Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.
Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30198 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permiten a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252 y CVE-2016-4254.
Adobe Acrobat Reader DC version 15.016.20045 suffers from multiple memory corruption vulnerabilities while handling font (.ttf) files. Adobe is offering support for this issue here: https://forums.adobe.com/community/adobe_reader_forums.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-04-27 CVE Reserved
- 2016-07-13 CVE Published
- 2024-05-05 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/91716 | Vdb Entry | |
http://www.securitytracker.com/id/1036281 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/40098 | 2024-08-06 |
URL | Date | SRC |
---|---|---|
https://helpx.adobe.com/security/products/acrobat/apsb16-26.html | 2017-09-03 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 11.0.16 Search vendor "Adobe" for product "Acrobat" and version " <= 11.0.16" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 11.0.16 Search vendor "Adobe" for product "Acrobat" and version " <= 11.0.16" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.006.30174 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.006.30174" | classic |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.006.30174 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.006.30174" | classic |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.016.20045 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.016.20045" | continuous |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 15.016.20045 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 15.016.20045" | continuous |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.006.30174 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.006.30174" | classic |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.006.30174 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.006.30174" | classic |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.016.20045 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.016.20045" | continuous |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 15.016.20045 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 15.016.20045" | continuous |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Reader Search vendor "Adobe" for product "Reader" | <= 11.0.16 Search vendor "Adobe" for product "Reader" and version " <= 11.0.16" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | * | - |
Safe
|
Adobe Search vendor "Adobe" | Reader Search vendor "Adobe" for product "Reader" | <= 11.0.16 Search vendor "Adobe" for product "Reader" and version " <= 11.0.16" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|