Vulnerability CVE-2016-0941
Published: 2016-01-14

Description:
Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940.

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Adobe -> Acrobat 
Adobe -> Acrobat dc 
Adobe -> Acrobat reader 
Adobe -> Acrobat reader dc 

 References:
http://www.securitytracker.com/id/1034646
http://zerodayinitiative.com/advisories/ZDI-16-010
https://helpx.adobe.com/security/products/acrobat/apsb16-02.html
Copyright 2024, cxsecurity.com

 

Back to Top