CVE-2016-0947

Published: Jan 14, 2016Modified: May 6, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory.

Affected (32)

Products: Adobe: Acrobat, Acrobat Dc, Acrobat Reader Dc, Acrobat Reader

4 products

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Adobe Acrobat	Up to 11.0.13
Adobe Acrobat	Version 11.0.0
Adobe Acrobat	Version 11.0.10
Adobe Acrobat	Version 11.0.11
Adobe Acrobat	Version 11.0.12
Adobe Acrobat	Version 11.0.1
Adobe Acrobat	Version 11.0.2
Adobe Acrobat	Version 11.0.3
Adobe Acrobat	Version 11.0.4
Adobe Acrobat	Version 11.0.5
Adobe Acrobat	Version 11.0.6
Adobe Acrobat	Version 11.0.7
Adobe Acrobat	Version 11.0.8
Adobe Acrobat	Version 11.0.9

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Adobe Acrobat Dc	Up to 15.006.30097
Adobe Acrobat Dc	Up to 15.009.20077
Adobe Acrobat Reader Dc	Up to 15.006.30097
Adobe Acrobat Reader Dc	Up to 15.009.20077

Configuration C

14 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Adobe Acrobat Reader	Up to 11.0.13
Adobe Acrobat Reader	Version 11.0.0
Adobe Acrobat Reader	Version 11.0.10
Adobe Acrobat Reader	Version 11.0.11
Adobe Acrobat Reader	Version 11.0.12
Adobe Acrobat Reader	Version 11.0.1
Adobe Acrobat Reader	Version 11.0.2
Adobe Acrobat Reader	Version 11.0.3
Adobe Acrobat Reader	Version 11.0.4
Adobe Acrobat Reader	Version 11.0.5
Adobe Acrobat Reader	Version 11.0.6
Adobe Acrobat Reader	Version 11.0.7
Adobe Acrobat Reader	Version 11.0.8
Adobe Acrobat Reader	Version 11.0.9

Running on/with	Platform Versions
Apple Mac Os X	All versions
Microsoft Windows	All versions

References (4)

http://www.securitytracker.com/id/1034646

Source: psirt@adobe.com

Third Party AdvisoryVDB Entry

https://helpx.adobe.com/security/products/acrobat/apsb16-02.html

Source: psirt@adobe.com

PatchVendor Advisory

http://www.securitytracker.com/id/1034646

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://helpx.adobe.com/security/products/acrobat/apsb16-02.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.