cnvd-2016-10263
Vulnerability from cnvd
Title
Adobe Reader和Acrobat内存破坏漏洞(CNVD-2016-10263)
Description
Adobe Reader等都是美国奥多比(Adobe)公司的产品。Adobe Reader是一款免费的PDF文件阅读器;Acrobat是一款PDF文件编辑和转换工具;Acrobat Reader DC是一套用于查看、打印和批注PDF的工具。Classic和Continuous是Acrobat Reader DC产品下载中心所提供的两种更新机制。 基于Windows和OS X平台上的Adobe Reader和Acrobat中存在内存破坏漏洞。攻击者可利用该漏洞执行任意代码,或造成拒绝服务(内存破坏)。
Severity
Patch Name
Adobe Reader和Acrobat内存破坏漏洞(NVD-C-2016-77808)的补丁
Patch Description
Adobe Reader等都是美国奥多比(Adobe)公司的产品。Adobe Reader是一款免费的PDF文件阅读器;Acrobat是一款PDF文件编辑和转换工具;Acrobat Reader DC是一套用于查看、打印和批注PDF的工具。Classic和Continuous是Acrobat Reader DC产品下载中心所提供的两种更新机制。 基于Windows和OS X平台上的Adobe Reader和Acrobat中存在内存破坏漏洞。攻击者可利用该漏洞执行任意代码,或造成拒绝服务(内存破坏)。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://helpx.adobe.com/security/products/acrobat/apsb16-33.html

Reference
https://helpx.adobe.com/security/products/acrobat/apsb16-33.html
Impacted products
Name
['Adobe Acrobat Reader DC(on Windows and Macintosh) <=15.017.20053', 'Adobe Acrobat DC(on Windows and Macintosh) <=15.006.30201', 'Adobe Acrobat Reader DC(on Windows and Macintosh) <=15.006.30201', 'Adobe Acrobat DC(on Windows and Macintosh) <= 15.006.30201', 'Adobe Acrobat(on Windows/OS X ) <=11.0.17', 'Adobe Reader(Windows、Macintosh) <=11.0.17']
Show details on source website

To clipboard 

{
  "bids": {
    "bid": {
      "bidNumber": "93496"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-7854"
    }
  },
  "description": "Adobe Reader\u7b49\u90fd\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Adobe Reader\u662f\u4e00\u6b3e\u514d\u8d39\u7684PDF\u6587\u4ef6\u9605\u8bfb\u5668\uff1bAcrobat\u662f\u4e00\u6b3ePDF\u6587\u4ef6\u7f16\u8f91\u548c\u8f6c\u6362\u5de5\u5177\uff1bAcrobat Reader DC\u662f\u4e00\u5957\u7528\u4e8e\u67e5\u770b\u3001\u6253\u5370\u548c\u6279\u6ce8PDF\u7684\u5de5\u5177\u3002Classic\u548cContinuous\u662fAcrobat Reader DC\u4ea7\u54c1\u4e0b\u8f7d\u4e2d\u5fc3\u6240\u63d0\u4f9b\u7684\u4e24\u79cd\u66f4\u65b0\u673a\u5236\u3002\r\n\r\n\u57fa\u4e8eWindows\u548cOS X\u5e73\u53f0\u4e0a\u7684Adobe Reader\u548cAcrobat\u4e2d\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5185\u5b58\u7834\u574f\uff09\u3002",
  "discovererName": "kdot working with Trend Micro\u0027s Zero Day Initiative, Sebastian Apelt Siberas working with Trend Micro\u0027s Zero Day Initiative, akash Jain and Dhanesh Kizhakkinan of FireEye Inc, Kushal Arvind Shah of Fortinet\u0027s FortiGuard Labs, Jaanus K\u00c3\u00a4\u00c3\u00a4p of Clarified Sec",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-10263",
  "openTime": "2016-10-28",
  "patchDescription": "Adobe Reader\u7b49\u90fd\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Adobe Reader\u662f\u4e00\u6b3e\u514d\u8d39\u7684PDF\u6587\u4ef6\u9605\u8bfb\u5668\uff1bAcrobat\u662f\u4e00\u6b3ePDF\u6587\u4ef6\u7f16\u8f91\u548c\u8f6c\u6362\u5de5\u5177\uff1bAcrobat Reader DC\u662f\u4e00\u5957\u7528\u4e8e\u67e5\u770b\u3001\u6253\u5370\u548c\u6279\u6ce8PDF\u7684\u5de5\u5177\u3002Classic\u548cContinuous\u662fAcrobat Reader DC\u4ea7\u54c1\u4e0b\u8f7d\u4e2d\u5fc3\u6240\u63d0\u4f9b\u7684\u4e24\u79cd\u66f4\u65b0\u673a\u5236\u3002\r\n\r\n\u57fa\u4e8eWindows\u548cOS X\u5e73\u53f0\u4e0a\u7684Adobe Reader\u548cAcrobat\u4e2d\u5b58\u5728\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u6216\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5185\u5b58\u7834\u574f\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Adobe Reader\u548cAcrobat\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08NVD-C-2016-77808\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Adobe Acrobat Reader DC(on Windows and Macintosh) \u003c=15.017.20053",
      "Adobe Acrobat DC(on Windows and Macintosh) \u003c=15.006.30201",
      "Adobe Acrobat Reader DC(on Windows and Macintosh) \u003c=15.006.30201",
      "Adobe Acrobat DC(on Windows and Macintosh) \u003c= 15.006.30201",
      "Adobe Acrobat(on Windows/OS X ) \u003c=11.0.17",
      "Adobe Reader\uff08Windows\u3001Macintosh\uff09 \u003c=11.0.17"
    ]
  },
  "referenceLink": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
  "serverity": "\u9ad8",
  "submitTime": "2016-10-25",
  "title": "Adobe Reader\u548cAcrobat\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff08CNVD-2016-10263\uff09"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.