var-201605-0112
Vulnerability from variot
Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091. This vulnerability CVE-2016-4091 Is a different vulnerability.An attacker could execute arbitrary code. Failed attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201605-0112",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20060"
},
{
"model": "reader",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "acrobat",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "11.0.15"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30121"
},
{
"model": "acrobat reader dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.010.20060"
},
{
"model": "acrobat dc",
"scope": "lte",
"trust": 1.0,
"vendor": "adobe",
"version": "15.006.30121"
},
{
"model": "acrobat",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.16 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30172 (windows/macintosh)"
},
{
"model": "acrobat dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.016.20039 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "classic 15.006.30172 (windows/macintosh)"
},
{
"model": "acrobat reader dc",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "continuous track 15.016.20039 (windows/macintosh)"
},
{
"model": "reader",
"scope": "lt",
"trust": 0.8,
"vendor": "adobe",
"version": "xi desktop 11.0.16 (windows/macintosh)"
},
{
"model": "windows",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
},
{
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:adobe:acrobat",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader_dc",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:adobe:acrobat_reader",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ke Liu of Tencent\u0027s Xuanwu LAB",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
}
],
"trust": 0.6
},
"cve": "CVE-2016-4092",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-4092",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-92911",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-4092",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-4092",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-4092",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201605-313",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-92911",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92911"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
},
{
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4091. This vulnerability CVE-2016-4091 Is a different vulnerability.An attacker could execute arbitrary code. Failed attempts will likely cause a denial-of-service condition. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-4092"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "BID",
"id": "90508"
},
{
"db": "VULHUB",
"id": "VHN-92911"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-4092",
"trust": 2.8
},
{
"db": "BID",
"id": "90508",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1035828",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002678",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201605-313",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2016.1146",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-92911",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92911"
},
{
"db": "BID",
"id": "90508"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
},
{
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"id": "VAR-201605-0112",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-92911"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:43:05.255000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APSB16-14",
"trust": 0.8,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"title": "APSB16-14",
"trust": 0.8,
"url": "https://helpx.adobe.com/jp/security/products/reader/apsb16-14.html"
},
{
"title": "\u30a2\u30c9\u30d3 \u30b7\u30b9\u30c6\u30e0\u30ba\u793e Adobe Reader \u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.fmworld.net/biz/common/adobe/20160512.html"
},
{
"title": "Multiple Adobe Product-based patch-based buffer overflow vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61631"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92911"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/90508"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1035828"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-4092"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160511-adobereader.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2016/at160023.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-4092"
},
{
"trust": 0.8,
"url": "http://www.npa.go.jp/cyberpolice/topics/?seq=18377"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/render.html?it=34330"
},
{
"trust": 0.3,
"url": "http://www.adobe.com/products/flash/"
},
{
"trust": 0.3,
"url": "http://www.adobe.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92911"
},
{
"db": "BID",
"id": "90508"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
},
{
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-92911"
},
{
"db": "BID",
"id": "90508"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
},
{
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-92911"
},
{
"date": "2016-05-10T00:00:00",
"db": "BID",
"id": "90508"
},
{
"date": "2016-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"date": "2016-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-313"
},
{
"date": "2016-05-11T11:00:44.200000",
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-02T00:00:00",
"db": "VULHUB",
"id": "VHN-92911"
},
{
"date": "2016-05-10T00:00:00",
"db": "BID",
"id": "90508"
},
{
"date": "2016-05-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002678"
},
{
"date": "2016-05-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201605-313"
},
{
"date": "2024-11-21T02:51:20.937000",
"db": "NVD",
"id": "CVE-2016-4092"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows and Mac OS X Run on Adobe Reader and Acrobat Heap-based buffer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002678"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201605-313"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…