Multiple vulnerabilities in Adobe Acrobat and Reader
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 72 |
| CVE-ID | CVE-2016-6993 CVE-2016-6994 CVE-2016-6999 CVE-2016-6958 CVE-2016-6957 CVE-2016-7019 CVE-2016-7018 CVE-2016-7017 CVE-2016-7016 CVE-2016-7015 CVE-2016-7014 CVE-2016-7013 CVE-2016-7012 CVE-2016-7010 CVE-2016-7011 CVE-2016-7009 CVE-2016-7008 CVE-2016-7007 CVE-2016-7006 CVE-2016-7005 CVE-2016-7004 CVE-2016-7003 CVE-2016-7002 CVE-2016-7001 CVE-2016-7000 CVE-2016-6998 CVE-2016-6997 CVE-2016-6996 CVE-2016-6995 CVE-2016-6978 CVE-2016-6977 CVE-2016-6976 CVE-2016-6975 CVE-2016-6974 CVE-2016-6973 CVE-2016-6972 CVE-2016-6971 CVE-2016-6970 CVE-2016-6966 CVE-2016-6960 CVE-2016-6959 CVE-2016-6956 CVE-2016-6955 CVE-2016-6954 CVE-2016-6951 CVE-2016-6950 CVE-2016-6948 CVE-2016-6947 CVE-2016-6943 CVE-2016-6942 CVE-2016-6941 CVE-2016-6940 CVE-2016-6939 CVE-2016-6979 CVE-2016-6969 CVE-2016-6968 CVE-2016-6967 CVE-2016-6965 CVE-2016-6964 CVE-2016-6963 CVE-2016-6962 CVE-2016-6961 CVE-2016-6953 CVE-2016-6952 CVE-2016-6949 CVE-2016-6946 CVE-2016-6945 CVE-2016-6944 CVE-2016-1091 CVE-2016-1089 |
| CWE-ID | CWE-416 CWE-122 CWE-190 CWE-284 CWE-119 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Adobe Acrobat Client/Desktop applications / Office applications Adobe Reader Client/Desktop applications / Office applications |
| Vendor | Adobe |
Security Bulletin
This security bulletin contains information about 72 vulnerabilities.
1) Arbitrary code execution
EUVDB-ID: #VU839
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6993
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Arbitrary code execution
EUVDB-ID: #VU840
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6994
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to heap buffer overflow. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Arbitrary code execution
EUVDB-ID: #VU841
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6999
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to integer overflow. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Arbitrary code execution
EUVDB-ID: #VU842
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6958
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to access control error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Arbitrary code execution
EUVDB-ID: #VU843
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6957
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to access control error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions on Javascript API execution and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Arbitrary code execution
EUVDB-ID: #VU844
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7019
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Arbitrary code execution
EUVDB-ID: #VU862
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7018
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Arbitrary code execution
EUVDB-ID: #VU863
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7017
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Arbitrary code execution
EUVDB-ID: #VU864
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7016
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Arbitrary code execution
EUVDB-ID: #VU865
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7015
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Arbitrary code execution
EUVDB-ID: #VU866
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7014
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Arbitrary code execution
EUVDB-ID: #VU867
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7013
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Arbitrary code execution
EUVDB-ID: #VU868
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7012
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Arbitrary code execution
EUVDB-ID: #VU869
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7010
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Arbitrary code execution
EUVDB-ID: #VU870
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7011
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Arbitrary code execution
EUVDB-ID: #VU871
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7009
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Arbitrary code execution
EUVDB-ID: #VU872
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7008
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Arbitrary code execution
EUVDB-ID: #VU873
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7007
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Arbitrary code execution
EUVDB-ID: #VU874
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7006
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitation of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Arbitrary code execution
EUVDB-ID: #VU875
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7005
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.010.20060
Adobe Acrobat: 11.0.0 - 11.0.17
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Arbitrary code execution
EUVDB-ID: #VU876
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7004
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.17 - 15.017.20053
Adobe Acrobat: 15.006.30201
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Arbitrary code execution
EUVDB-ID: #VU877
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7003
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.17 - 15.017.20053
Adobe Acrobat: 15.006.30201
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Arbitrary code execution
EUVDB-ID: #VU878
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7002
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Arbitrary code execution
EUVDB-ID: #VU879
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7001
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Arbitrary code execution
EUVDB-ID: #VU880
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-7000
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Arbitrary code execution
EUVDB-ID: #VU881
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6998
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Arbitrary code execution
EUVDB-ID: #VU882
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6997
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Arbitrary code execution
EUVDB-ID: #VU883
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6996
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Arbitrary code execution
EUVDB-ID: #VU884
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6995
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Arbitrary code execution
EUVDB-ID: #VU885
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6978
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Arbitrary code execution
EUVDB-ID: #VU886
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6977
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Arbitrary code execution
EUVDB-ID: #VU887
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6976
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Arbitrary code execution
EUVDB-ID: #VU888
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6975
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Arbitrary code execution
EUVDB-ID: #VU889
Risk: High
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6974
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Arbitrary code execution
EUVDB-ID: #VU890
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6973
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Arbitrary code execution
EUVDB-ID: #VU891
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6972
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Arbitrary code execution
EUVDB-ID: #VU892
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6971
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Arbitrary code execution
EUVDB-ID: #VU893
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6970
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Arbitrary code execution
EUVDB-ID: #VU894
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6966
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Arbitrary code execution
EUVDB-ID: #VU895
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6960
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to insufficient input validation. By tricking the victim to download a specially crafted .pdf file that may cause a read past the end of an allocated object, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Arbitrary code execution
EUVDB-ID: #VU896
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6959
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Arbitrary code execution
EUVDB-ID: #VU897
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6956
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Arbitrary code execution
EUVDB-ID: #VU898
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6955
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Arbitrary code execution
EUVDB-ID: #VU899
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6954
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Arbitrary code execution
EUVDB-ID: #VU900
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6951
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Arbitrary code execution
EUVDB-ID: #VU901
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6950
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Arbitrary code execution
EUVDB-ID: #VU902
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6948
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Arbitrary code execution
EUVDB-ID: #VU903
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6947
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Arbitrary code execution
EUVDB-ID: #VU904
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6943
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Arbitrary code execution
EUVDB-ID: #VU905
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6942
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Arbitrary code execution
EUVDB-ID: #VU906
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6941
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Arbitrary code execution
EUVDB-ID: #VU907
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6940
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to execute arbitrary code on the target system.
The weakness is due to memory corruption error. By tricking the victim to download a specially crafted .pdf file, attackers can bypass security restrictions and to execute arbitrary code.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Arbitrary code execution
EUVDB-ID: #VU908
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6939
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to heap buffer overflow. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Arbitrary code execution
EUVDB-ID: #VU909
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6979
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Arbitrary code execution
EUVDB-ID: #VU910
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6969
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Arbitrary code execution
EUVDB-ID: #VU911
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6971
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Arbitrary code execution
EUVDB-ID: #VU912
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6968
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Arbitrary code execution
EUVDB-ID: #VU913
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6967
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Arbitrary code execution
EUVDB-ID: #VU914
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6966
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Arbitrary code execution
EUVDB-ID: #VU915
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6965
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Arbitrary code execution
EUVDB-ID: #VU916
Risk: High
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6964
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error within the AXSLE library. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Arbitrary code execution
EUVDB-ID: #VU917
Risk: High
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6963
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error within the AXSLE library. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Arbitrary code execution
EUVDB-ID: #VU918
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6962
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Arbitrary code execution
EUVDB-ID: #VU919
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6961
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Arbitrary code execution
EUVDB-ID: #VU920
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6953
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Arbitrary code execution
EUVDB-ID: #VU921
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6952
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Arbitrary code execution
EUVDB-ID: #VU922
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6949
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Arbitrary code execution
EUVDB-ID: #VU923
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6946
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Arbitrary code execution
EUVDB-ID: #VU924
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6945
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Arbitrary code execution
EUVDB-ID: #VU925
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6944
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Arbitrary code execution
EUVDB-ID: #VU926
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-1091
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Acrobat: 11.0.0 - 15.017.20053
Adobe Reader: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
72) Arbitrary code execution
EUVDB-ID: #VU927
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-1089
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote unauthenticated user to cause arbitrary code execution on the target system.
The weakness is due to use-after-free memory error. By tricking the victim to download a specially crafted file attackers can bypass security restrictions and trigger an arbitrary code to be executed.
Successful exploitatin of the vulnerability leads to arbitrary code execution on the vulnerable system.
Update Adobe Acrobat DC to version 15.020.20039.
Update Adobe Acrobat Reader DC to version 15.006.30243.
Update Adobe Reader IX and Adobe Acrobat IX to version 11.0.18.
Adobe Reader: 11.0.0 - 15.017.20053
Adobe Acrobat: 11.0.0 - 15.017.20053
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
