← Back

CVE-2016-0943

nvd nist
Published: Jan 14, 2016Modified: May 6, 2026

JSON object

Loading...
8.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors.

Affected (32)

Adobe
4 products
Acrobat Dc
Acrobat Reader Dc
Acrobat Reader
Acrobat
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Adobe
Acrobat Dc
Up to 15.006.30097
Acrobat Dc
Up to 15.009.20077
Adobe
Acrobat Reader Dc
Up to 15.006.30097
Acrobat Reader Dc
Up to 15.009.20077
Configuration B
14 vulnerable
Vulnerable SoftwareAffected Versions
Adobe
Acrobat Reader
Up to 11.0.13
Acrobat Reader
Version 11.0.0
Acrobat Reader
Version 11.0.10
Acrobat Reader
Version 11.0.11
Acrobat Reader
Version 11.0.12
Acrobat Reader
Version 11.0.1
Acrobat Reader
Version 11.0.2
Acrobat Reader
Version 11.0.3
Acrobat Reader
Version 11.0.4
Acrobat Reader
Version 11.0.5
Acrobat Reader
Version 11.0.6
Acrobat Reader
Version 11.0.7
Acrobat Reader
Version 11.0.8
Acrobat Reader
Version 11.0.9
Configuration C
14 vulnerable · 2 platform
Vulnerable SoftwareAffected Versions
Adobe
Acrobat
Up to 11.0.13
Acrobat
Version 11.0.0
Acrobat
Version 11.0.10
Acrobat
Version 11.0.11
Acrobat
Version 11.0.12
Acrobat
Version 11.0.1
Acrobat
Version 11.0.2
Acrobat
Version 11.0.3
Acrobat
Version 11.0.4
Acrobat
Version 11.0.5
Acrobat
Version 11.0.6
Acrobat
Version 11.0.7
Acrobat
Version 11.0.8
Acrobat
Version 11.0.9
Running on/withPlatform Versions
Apple
Mac Os X
All versions
Microsoft
Windows
All versions

Related CWEs

CWE-264
CWE-264

References (6)

Source: psirt@adobe.com
Third Party AdvisoryVDB Entry
Source: psirt@adobe.com
Third Party AdvisoryVDB Entry
Source: psirt@adobe.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.