cvelistv5 - cve-2016-4209

CVE-2016-4209 (GCVE-0-2016-4209)

Vulnerability from cvelistv5 – Published: 2016-07-13 01:00 – Updated: 2024-08-06 00:25

Summary

Severity ?

No CVSS data available.

CWE

Assigner

adobe

References

URL

Tags

	http://www.securityfocus.com/bid/91711	vdb-entryx_refsource_BID
	http://www.securitytracker.com/id/1036281	vdb-entryx_refsource_SECTRACK
	https://helpx.adobe.com/security/products/acrobat…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:25:12.820Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "91711",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91711"
          },
          {
            "name": "1036281",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036281"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-31T09:57:01",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "91711",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91711"
        },
        {
          "name": "1036281",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036281"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2016-4209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "91711",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91711"
            },
            {
              "name": "1036281",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036281"
            },
            {
              "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
              "refsource": "CONFIRM",
              "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2016-4209",
    "datePublished": "2016-07-13T01:00:00",
    "dateReserved": "2016-04-27T00:00:00",
    "dateUpdated": "2024-08-06T00:25:12.820Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.0.16\", \"matchCriteriaId\": \"48F7FCE4-6C44-45DA-B1F0-7808F497AA93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*\", \"versionEndIncluding\": \"15.006.30174\", \"matchCriteriaId\": \"3F3C7F23-77F4-4698-8E74-72917F2A83E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*\", \"versionEndIncluding\": \"15.016.20045\", \"matchCriteriaId\": \"2E46BF91-F475-46CB-8575-13FE3A57BD55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*\", \"versionEndIncluding\": \"15.006.30174\", \"matchCriteriaId\": \"6D455EA4-9459-471D-8B4E-D7D78C1772F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*\", \"versionEndIncluding\": \"15.016.20045\", \"matchCriteriaId\": \"79074ABD-9720-4298-A680-0B636FFC6151\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.0.16\", \"matchCriteriaId\": \"2CD2EDEC-3767-4713-ACD7-D463DAE2D273\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de buffer basado en memoria din\\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permite a atacantes ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de vectores no especificados.\"}]",
      "id": "CVE-2016-4209",
      "lastModified": "2024-11-21T02:51:38.010",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-07-13T02:00:18.527",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/91711\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.securitytracker.com/id/1036281\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"https://helpx.adobe.com/security/products/acrobat/apsb16-26.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/91711\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1036281\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://helpx.adobe.com/security/products/acrobat/apsb16-26.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@adobe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4209\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2016-07-13T02:00:18.527\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.0.16\",\"matchCriteriaId\":\"48F7FCE4-6C44-45DA-B1F0-7808F497AA93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*\",\"versionEndIncluding\":\"15.006.30174\",\"matchCriteriaId\":\"3F3C7F23-77F4-4698-8E74-72917F2A83E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*\",\"versionEndIncluding\":\"15.016.20045\",\"matchCriteriaId\":\"2E46BF91-F475-46CB-8575-13FE3A57BD55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*\",\"versionEndIncluding\":\"15.006.30174\",\"matchCriteriaId\":\"6D455EA4-9459-471D-8B4E-D7D78C1772F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*\",\"versionEndIncluding\":\"15.016.20045\",\"matchCriteriaId\":\"79074ABD-9720-4298-A680-0B636FFC6151\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.0.16\",\"matchCriteriaId\":\"2CD2EDEC-3767-4713-ACD7-D463DAE2D273\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/91711\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id/1036281\",\"source\":\"psirt@adobe.com\"},{\"url\":\"https://helpx.adobe.com/security/products/acrobat/apsb16-26.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/91711\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1036281\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://helpx.adobe.com/security/products/acrobat/apsb16-26.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

GSD-2016-4209

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-4209

Aliases

CVE-2016-4209

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-4209",
    "description": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.",
    "id": "GSD-2016-4209"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-4209"
      ],
      "details": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.",
      "id": "GSD-2016-4209",
      "modified": "2023-12-13T01:21:18.721922Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@adobe.com",
        "ID": "CVE-2016-4209",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "91711",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/91711"
          },
          {
            "name": "1036281",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036281"
          },
          {
            "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
            "refsource": "CONFIRM",
            "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.16",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.016.20045",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.16",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.006.30174",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.016.20045",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.006.30174",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2016-4209"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
            },
            {
              "name": "91711",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/91711"
            },
            {
              "name": "1036281",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1036281"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-09-01T01:29Z",
      "publishedDate": "2016-07-13T02:00Z"
    }
  }
}

CERTFR-2016-AVI-233

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Adobe Acrobat et Reader. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	Acrobat	Adobe Acrobat DC Classic versions antérieures à 15.006.30198 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat Reader DC versions antérieures à 15.017.20050 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat Reader DC Classic versions antérieures à 15.006.30198 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat XI versions antérieures à 11.0.17 sur Windows et Macintosh
Adobe	Acrobat	Adobe Reader XI versions antérieures à 11.0.17 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat DC versions antérieures à 15.017.20050 sur Windows et Macintosh

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-26 du 12 juillet 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Acrobat DC Classic versions ant\u00e9rieures \u00e0 15.006.30198 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat Reader DC versions ant\u00e9rieures \u00e0 15.017.20050 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat Reader DC Classic versions ant\u00e9rieures \u00e0 15.006.30198 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat XI versions ant\u00e9rieures \u00e0 11.0.17 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Reader XI versions ant\u00e9rieures \u00e0 11.0.17 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat DC versions ant\u00e9rieures \u00e0 15.017.20050 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4195"
    },
    {
      "name": "CVE-2016-4255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4255"
    },
    {
      "name": "CVE-2016-4200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4200"
    },
    {
      "name": "CVE-2016-4212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4212"
    },
    {
      "name": "CVE-2016-4215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4215"
    },
    {
      "name": "CVE-2016-4252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4252"
    },
    {
      "name": "CVE-2016-4209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4209"
    },
    {
      "name": "CVE-2016-4251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4251"
    },
    {
      "name": "CVE-2016-4213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4213"
    },
    {
      "name": "CVE-2016-4206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4206"
    },
    {
      "name": "CVE-2016-4198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4198"
    },
    {
      "name": "CVE-2016-4205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4205"
    },
    {
      "name": "CVE-2016-4196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4196"
    },
    {
      "name": "CVE-2016-4211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4211"
    },
    {
      "name": "CVE-2016-4250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4250"
    },
    {
      "name": "CVE-2016-4207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4207"
    },
    {
      "name": "CVE-2016-4214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4214"
    },
    {
      "name": "CVE-2016-4194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4194"
    },
    {
      "name": "CVE-2016-4193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4193"
    },
    {
      "name": "CVE-2016-4197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4197"
    },
    {
      "name": "CVE-2016-4201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4201"
    },
    {
      "name": "CVE-2016-4254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4254"
    },
    {
      "name": "CVE-2016-4208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4208"
    },
    {
      "name": "CVE-2016-4191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4191"
    },
    {
      "name": "CVE-2016-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4204"
    },
    {
      "name": "CVE-2016-4199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4199"
    },
    {
      "name": "CVE-2016-4203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4203"
    },
    {
      "name": "CVE-2016-4192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4192"
    },
    {
      "name": "CVE-2016-4210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4210"
    },
    {
      "name": "CVE-2016-4202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4202"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-233",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAdobe Acrobat et Reader\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Acrobat et Reader",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-26 du 12 juillet 2016",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
    }
  ]
}

CERTFR-2016-AVI-233

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	Acrobat	Adobe Acrobat DC Classic versions antérieures à 15.006.30198 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat Reader DC versions antérieures à 15.017.20050 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat Reader DC Classic versions antérieures à 15.006.30198 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat XI versions antérieures à 11.0.17 sur Windows et Macintosh
Adobe	Acrobat	Adobe Reader XI versions antérieures à 11.0.17 sur Windows et Macintosh
Adobe	Acrobat	Adobe Acrobat DC versions antérieures à 15.017.20050 sur Windows et Macintosh

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB16-26 du 12 juillet 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Acrobat DC Classic versions ant\u00e9rieures \u00e0 15.006.30198 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat Reader DC versions ant\u00e9rieures \u00e0 15.017.20050 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat Reader DC Classic versions ant\u00e9rieures \u00e0 15.006.30198 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat XI versions ant\u00e9rieures \u00e0 11.0.17 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Reader XI versions ant\u00e9rieures \u00e0 11.0.17 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat DC versions ant\u00e9rieures \u00e0 15.017.20050 sur Windows et Macintosh",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4195"
    },
    {
      "name": "CVE-2016-4255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4255"
    },
    {
      "name": "CVE-2016-4200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4200"
    },
    {
      "name": "CVE-2016-4212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4212"
    },
    {
      "name": "CVE-2016-4215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4215"
    },
    {
      "name": "CVE-2016-4252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4252"
    },
    {
      "name": "CVE-2016-4209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4209"
    },
    {
      "name": "CVE-2016-4251",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4251"
    },
    {
      "name": "CVE-2016-4213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4213"
    },
    {
      "name": "CVE-2016-4206",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4206"
    },
    {
      "name": "CVE-2016-4198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4198"
    },
    {
      "name": "CVE-2016-4205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4205"
    },
    {
      "name": "CVE-2016-4196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4196"
    },
    {
      "name": "CVE-2016-4211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4211"
    },
    {
      "name": "CVE-2016-4250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4250"
    },
    {
      "name": "CVE-2016-4207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4207"
    },
    {
      "name": "CVE-2016-4214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4214"
    },
    {
      "name": "CVE-2016-4194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4194"
    },
    {
      "name": "CVE-2016-4193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4193"
    },
    {
      "name": "CVE-2016-4197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4197"
    },
    {
      "name": "CVE-2016-4201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4201"
    },
    {
      "name": "CVE-2016-4254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4254"
    },
    {
      "name": "CVE-2016-4208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4208"
    },
    {
      "name": "CVE-2016-4191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4191"
    },
    {
      "name": "CVE-2016-4204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4204"
    },
    {
      "name": "CVE-2016-4199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4199"
    },
    {
      "name": "CVE-2016-4203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4203"
    },
    {
      "name": "CVE-2016-4192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4192"
    },
    {
      "name": "CVE-2016-4210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4210"
    },
    {
      "name": "CVE-2016-4202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4202"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-233",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eAdobe Acrobat et Reader\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Acrobat et Reader",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB16-26 du 12 juillet 2016",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
    }
  ]
}

CNVD-2016-04918

Vulnerability from cnvd - Published: 2016-08-26

Title

Adobe Acrobat Reader DC远程代码执行漏洞（CNVD-2016-04918）

Description

Adobe Reader是PDF文档阅读软件。 Adobe Reader DC存在安全漏洞，允许攻击者通过精心构造的PDF文件可使Adobe Reader DC触发堆溢出漏洞，攻击者利用此漏洞可在当前进程上下文中执行任意代码。

Severity

高

Patch Name

Adobe Acrobat Reader DC远程代码执行漏洞（CNVD-2016-04918）的补丁

Patch Description

Adobe Reader是PDF文档阅读软件。 Adobe Reader DC存在安全漏洞，允许攻击者通过精心构造的PDF文件可使Adobe Reader DC触发堆溢出漏洞，攻击者利用此漏洞可在当前进程上下文中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

Adobe已经为此发布了一个安全公告（APSB16-26）以及相应补丁： https://helpx.adobe.com/security/products/acrobat/apsb16-26.html

Reference

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4209

Impacted products

Name
['Adobe Acrobat DC(on Windows and Macintosh) <=15.016.20045', 'Adobe Acrobat DC(on Windows and Macintosh) <=15.006.30174', 'Adobe Acrobat Reader DC(on Windows and Macintosh) <=15.016.20045', 'Adobe Acrobat Reader DC(on Windows and Macintosh) <=15.006.30174', 'Adobe Acrobat XI(on Windows and Macintosh) <=11.0.16', 'Adobe Reader XI(on Windows and Macintosh) <=11.0.16']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91711"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-4209"
    }
  },
  "description": "Adobe Reader\u662fPDF\u6587\u6863\u9605\u8bfb\u8f6f\u4ef6\u3002\r\n\r\nAdobe Reader DC\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u6784\u9020\u7684PDF\u6587\u4ef6\u53ef\u4f7fAdobe Reader DC\u89e6\u53d1\u5806\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u5728\u5f53\u524d\u8fdb\u7a0b\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "\u817e\u8baf\u7384\u6b66\u5b9e\u9a8c\u5ba4",
  "formalWay": "Adobe\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08APSB16-26\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01\uff1a \r\nhttps://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04918",
  "openTime": "2016-08-26",
  "patchDescription": "Adobe Reader\u662fPDF\u6587\u6863\u9605\u8bfb\u8f6f\u4ef6\u3002\r\n\r\nAdobe Reader DC\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u901a\u8fc7\u7cbe\u5fc3\u6784\u9020\u7684PDF\u6587\u4ef6\u53ef\u4f7fAdobe Reader DC\u89e6\u53d1\u5806\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u5728\u5f53\u524d\u8fdb\u7a0b\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Adobe Acrobat Reader DC\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2016-04918\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Adobe Acrobat DC(on Windows and Macintosh) \u003c=15.016.20045",
      "Adobe Acrobat DC(on Windows and Macintosh) \u003c=15.006.30174",
      "Adobe Acrobat Reader DC(on Windows and Macintosh) \u003c=15.016.20045",
      "Adobe Acrobat Reader DC(on Windows and Macintosh) \u003c=15.006.30174",
      "Adobe Acrobat XI(on Windows and Macintosh) \u003c=11.0.16",
      "Adobe Reader XI(on Windows and Macintosh) \u003c=11.0.16"
    ]
  },
  "referenceLink": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4209",
  "serverity": "\u9ad8",
  "submitTime": "2016-07-11",
  "title": "Adobe Acrobat Reader DC\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2016-04918\uff09"
}

VAR-201607-0124

Vulnerability from variot - Updated: 2023-12-18 12:05

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0124",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "acrobat dc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.006.30174"
      },
      {
        "model": "acrobat dc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.016.20045"
      },
      {
        "model": "acrobat reader dc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.016.20045"
      },
      {
        "model": "acrobat reader dc",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "15.006.30174"
      },
      {
        "model": "reader",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.0.16"
      },
      {
        "model": "acrobat",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "adobe",
        "version": "11.0.16"
      },
      {
        "model": "acrobat",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "xi desktop  11.0.17   (windows/macintosh)"
      },
      {
        "model": "acrobat dc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "classic  15.006.30198   (windows/macintosh)"
      },
      {
        "model": "acrobat dc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "continuous track  15.017.20050   (windows/macintosh)"
      },
      {
        "model": "acrobat reader dc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "classic  15.006.30198   (windows/macintosh)"
      },
      {
        "model": "acrobat reader dc",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "continuous track  15.017.20050   (windows/macintosh)"
      },
      {
        "model": "reader",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "adobe",
        "version": "xi desktop  11.0.17   (windows/macintosh)"
      },
      {
        "model": "mac os x",
        "scope": null,
        "trust": 0.6,
        "vendor": "apple",
        "version": null
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30174"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.13"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.6"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.09"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30097"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.3"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30172"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.16.20045"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.010.20056"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.10.20059"
      },
      {
        "model": "reader",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.17"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30121"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.10"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.4"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.14"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.006.30119"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.16.20039"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.1"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.9.20077"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.7"
      },
      {
        "model": "acrobat reader dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.17.20050"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.10.20060"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30097"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.16"
      },
      {
        "model": "acrobat reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.6"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.4"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.10"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.14"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.1"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.10.20059"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.12"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.15"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.08"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30174"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.16"
      },
      {
        "model": "acrobat dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30198"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30172"
      },
      {
        "model": "acrobat reader dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.10.20060"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.2"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.16.20045"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.11"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.010.20056"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.7"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.9"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.13"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.15"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.12"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.08"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30121"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.09"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.9.20077"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.006.30119"
      },
      {
        "model": "acrobat dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.17.20050"
      },
      {
        "model": "acrobat dc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.16.20039"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.6"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.11"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.05"
      },
      {
        "model": "acrobat reader dc",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "15.6.30198"
      },
      {
        "model": "acrobat",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.17"
      },
      {
        "model": "reader",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.3"
      },
      {
        "model": "acrobat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "adobe",
        "version": "11.0.7"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "91711"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.16",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.016.20045",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "11.0.16",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.006.30174",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.016.20045",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "15.006.30174",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ke Liu of Tencent\u0027s Xuanwu LAB.",
    "sources": [
      {
        "db": "BID",
        "id": "91711"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-4209",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": true,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 6.8,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2016-4209",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-93028",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2016-4209",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-4209",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-4209",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201607-266",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-93028",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. \nAttackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts likely result in denial-of-service conditions. Adobe Reader, etc. are all products of Adobe (Adobe) in the United States. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tool; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "BID",
        "id": "91711"
      },
      {
        "db": "VULHUB",
        "id": "VHN-93028"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-4209",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "91711",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1036281",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-93028",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93028"
      },
      {
        "db": "BID",
        "id": "91711"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "id": "VAR-201607-0124",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93028"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:05:48.510000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "APSB16-26",
        "trust": 0.8,
        "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
      },
      {
        "title": "APSB16-26",
        "trust": 0.8,
        "url": "https://helpx.adobe.com/jp/security/products/acrobat/apsb16-26.html"
      },
      {
        "title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
        "trust": 0.8,
        "url": "http://www.fmworld.net/biz/common/adobe/20160714.html"
      },
      {
        "title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62849"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93028"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/91711"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036281"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4209"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/ciadr/vul/20160713-adobereader.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2016/at160030.html"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4209"
      },
      {
        "trust": 0.8,
        "url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18716"
      },
      {
        "trust": 0.3,
        "url": "http://www.adobe.com/products/acrobat/"
      },
      {
        "trust": 0.3,
        "url": "http://www.adobe.com"
      },
      {
        "trust": 0.3,
        "url": "http://get.adobe.com/reader/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-93028"
      },
      {
        "db": "BID",
        "id": "91711"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-93028"
      },
      {
        "db": "BID",
        "id": "91711"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-93028"
      },
      {
        "date": "2016-07-12T00:00:00",
        "db": "BID",
        "id": "91711"
      },
      {
        "date": "2016-07-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "date": "2016-07-13T02:00:18.527000",
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "date": "2016-07-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-09-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-93028"
      },
      {
        "date": "2016-07-12T00:00:00",
        "db": "BID",
        "id": "91711"
      },
      {
        "date": "2016-07-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      },
      {
        "date": "2017-09-01T01:29:20.413000",
        "db": "NVD",
        "id": "CVE-2016-4209"
      },
      {
        "date": "2016-07-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Windows and  Mac OS X Run on  Adobe Reader and  Acrobat Heap-based buffer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003612"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201607-266"
      }
    ],
    "trust": 0.6
  }
}

FKIE_CVE-2016-4209

Vulnerability from fkie_nvd - Published: 2016-07-13 02:00 - Updated: 2025-04-12 10:46

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@adobe.com	http://www.securityfocus.com/bid/91711
psirt@adobe.com	http://www.securitytracker.com/id/1036281
psirt@adobe.com	https://helpx.adobe.com/security/products/acrobat/apsb16-26.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91711
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036281
af854a3a-2127-422b-91ae-364da2661108	https://helpx.adobe.com/security/products/acrobat/apsb16-26.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
apple	mac_os_x	*
microsoft	windows	*
adobe	acrobat	*
adobe	acrobat_dc	*
adobe	acrobat_dc	*
adobe	acrobat_reader_dc	*
adobe	acrobat_reader_dc	*
adobe	reader	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F7FCE4-6C44-45DA-B1F0-7808F497AA93",
              "versionEndIncluding": "11.0.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
              "matchCriteriaId": "3F3C7F23-77F4-4698-8E74-72917F2A83E9",
              "versionEndIncluding": "15.006.30174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
              "matchCriteriaId": "2E46BF91-F475-46CB-8575-13FE3A57BD55",
              "versionEndIncluding": "15.016.20045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
              "matchCriteriaId": "6D455EA4-9459-471D-8B4E-D7D78C1772F3",
              "versionEndIncluding": "15.006.30174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
              "matchCriteriaId": "79074ABD-9720-4298-A680-0B636FFC6151",
              "versionEndIncluding": "15.016.20045",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD2EDEC-3767-4713-ACD7-D463DAE2D273",
              "versionEndIncluding": "11.0.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Adobe Reader y Acrobat en versiones anteriores a 11.0.17, Acrobat y Acrobat Reader DC Classic en versiones a 15.006.30198, y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.017.20050 en Windows y OS X permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2016-4209",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-13T02:00:18.527",
  "references": [
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securityfocus.com/bid/91711"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securitytracker.com/id/1036281"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91711"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-Q598-C4Q5-9HV5

Vulnerability from github – Published: 2022-05-17 01:20 – Updated: 2022-05-17 01:20

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-4209"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-07-13T02:00:00Z",
    "severity": "CRITICAL"
  },
  "details": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.",
  "id": "GHSA-q598-c4q5-9hv5",
  "modified": "2022-05-17T01:20:00Z",
  "published": "2022-05-17T01:20:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4209"
    },
    {
      "type": "WEB",
      "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91711"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036281"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-4209 (GCVE-0-2016-4209)

GSD-2016-4209

CERTFR-2016-AVI-233

Solution

CERTFR-2016-AVI-233

Solution

CNVD-2016-04918

VAR-201607-0124

FKIE_CVE-2016-4209

GHSA-Q598-C4Q5-9HV5

Tags

Sightings

Nomenclature