KLA10807
Multiple vulnerabilities in Adobe Acrobat
Updated: 06/01/2019
Detect date
?
05/10/2016
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Adobe Acrobat. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Multiple use-after-free, heap buffer overflow, integer overflow and memory corruption vulnerabilities can be exploited to execute arbitrary code;
  2. Memory leak vulnerability can be potentially exploited to cause denial of service;
  3. An unknown vulnerability can be exploited remotely to obtain sensitive information;
  4. An unknown vulnerabilities can be exploited to bypass Javascript API restrictions;
  5. An insecure search path while updates resolve can be exploited to execute arbitrary code;
  6. Memory corruption vulnerability can be exploited remotely to cause denial of service.
Affected products

Adobe Acrobat XI versions earlier than 11.0.16
Adobe Acrobat Reader XI versions earlier than 11.0.16
Adobe Acrobat DC Classic versions earlier than 15.006.30172
Adobe Acrobat Reader DC Classic versions earlier than 15.006.30172
Adobe Acrobat DC Continuous versions earlier than 15.016.20039
Adobe Acrobat Reader DC Continuous versions earlier than 15.016.20039

Solution

Update to the latest version
Get reader

Original advisories

Adobe security bulletin

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]
Related products
Adobe Reader XI
Adobe Acrobat Reader DC Continuous
Adobe Acrobat Reader DC Classic
CVE-IDS
?
CVE-2016-103710.0Critical
CVE-2016-103810.0Critical
CVE-2016-103910.0Critical
CVE-2016-104010.0Critical
CVE-2016-104110.0Critical
CVE-2016-104210.0Critical
CVE-2016-104310.0Critical
CVE-2016-104410.0Critical
CVE-2016-104510.0Critical
CVE-2016-104610.0Critical
CVE-2016-104710.0Critical
CVE-2016-104810.0Critical
CVE-2016-104910.0Critical
CVE-2016-105010.0Critical
CVE-2016-105110.0Critical
CVE-2016-105210.0Critical
CVE-2016-105310.0Critical
CVE-2016-105410.0Critical
CVE-2016-105510.0Critical
CVE-2016-105610.0Critical
CVE-2016-105710.0Critical
CVE-2016-105810.0Critical
CVE-2016-105910.0Critical
CVE-2016-106010.0Critical
CVE-2016-106110.0Critical
CVE-2016-106210.0Critical
CVE-2016-106310.0Critical
CVE-2016-106410.0Critical
CVE-2016-106510.0Critical
CVE-2016-106610.0Critical
CVE-2016-106710.0Critical
CVE-2016-106810.0Critical
CVE-2016-106910.0Critical
CVE-2016-107010.0Critical
CVE-2016-107110.0Critical
CVE-2016-107210.0Critical
CVE-2016-107310.0Critical
CVE-2016-107410.0Critical
CVE-2016-107510.0Critical
CVE-2016-107610.0Critical
CVE-2016-107710.0Critical
CVE-2016-107810.0Critical
CVE-2016-10795.0Critical
CVE-2016-108010.0Critical
CVE-2016-108110.0Critical
CVE-2016-108210.0Critical
CVE-2016-108310.0Critical
CVE-2016-108410.0Critical
CVE-2016-108510.0Critical
CVE-2016-108610.0Critical
CVE-2016-10877.2High
CVE-2016-108810.0Critical
CVE-2016-10907.2High
CVE-2016-10925.0Critical
CVE-2016-109310.0Critical
CVE-2016-109410.0Critical
CVE-2016-109510.0Critical
CVE-2016-111210.0Critical
CVE-2016-111610.0Critical
CVE-2016-111710.0Critical
CVE-2016-111810.0Critical
CVE-2016-111910.0Critical
CVE-2016-112010.0Critical
CVE-2016-112110.0Critical
CVE-2016-112210.0Critical
CVE-2016-112310.0Critical
CVE-2016-112410.0Critical
CVE-2016-112510.0Critical
CVE-2016-112610.0Critical
CVE-2016-112710.0Critical
CVE-2016-112810.0Critical
CVE-2016-112910.0Critical
CVE-2016-113010.0Critical
CVE-2016-408810.0Critical
CVE-2016-408910.0Critical
CVE-2016-409010.0Critical
CVE-2016-409110.0Critical
CVE-2016-409210.0Critical
CVE-2016-409310.0Critical
CVE-2016-409410.0Critical
CVE-2016-409610.0Critical
CVE-2016-409710.0Critical
CVE-2016-409810.0Critical
CVE-2016-409910.0Critical
CVE-2016-410010.0Critical
CVE-2016-410110.0Critical
CVE-2016-410210.0Critical
CVE-2016-410310.0Critical
CVE-2016-410410.0Critical
CVE-2016-410510.0Critical
CVE-2016-41067.2High
CVE-2016-410710.0Critical
CVE-2016-411910.0Critical