PT-2016-2384 · Adobe · Reader+4
Jaanus
·
Published
2016-07-07
·
Updated
2017-09-01
·
CVE-2016-4255
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Adobe Reader versions prior to 11.0.17
Adobe Reader Document Cloud versions prior to 15.006.30198
Adobe Acrobat versions prior to 11.0.17
Adobe Acrobat Document Cloud Classic versions prior to 15.006.30198
Adobe Acrobat Document Cloud Continuous versions prior to 15.017.20050
Description
The issue is related to a use-after-free vulnerability, which can be exploited by a remote attacker to execute arbitrary code. This vulnerability is associated with the improper use of memory after it has been freed.
Recommendations
For Adobe Reader versions prior to 11.0.17, update to version 11.0.17 or later.
For Adobe Reader Document Cloud versions prior to 15.006.30198, update to version 15.006.30198 or later.
For Adobe Acrobat versions prior to 11.0.17, update to version 11.0.17 or later.
For Adobe Acrobat Document Cloud Classic versions prior to 15.006.30198, update to version 15.006.30198 or later.
For Adobe Acrobat Document Cloud Continuous versions prior to 15.017.20050, update to version 15.017.20050 or later.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acrobat
Adobe Acrobat Document Cloud Classic
Adobe Acrobat Document Cloud Continuous
Reader
Reader Document Cloud