CVE-2016-1008

Published: Mar 9, 2016Modified: May 6, 2026

8.4

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.5 / Impact: 5.9

Source: NVD

Description

Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected (6)

Products: Adobe: Acrobat, Acrobat Dc, Acrobat Reader, Acrobat Reader Dc

4 products

Acrobat Reader Dc

Configuration A

6 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Adobe Acrobat	Up to 11.0.14
Adobe Acrobat Dc	Up to 15.006.30119
Adobe Acrobat Dc	Up to 15.010.20059
Adobe Acrobat Reader	Up to 11.0.14
Adobe Acrobat Reader Dc	Up to 15.010.20059
Adobe Acrobat Reader Dc	Version 15.006.30119

Running on/with	Platform Versions
Apple Mac Os X	All versions
Microsoft Windows	All versions

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://www.securityfocus.com/bid/84216

Source: psirt@adobe.com

http://www.securitytracker.com/id/1035199

Source: psirt@adobe.com

http://www.zerodayinitiative.com/advisories/ZDI-16-190

Source: psirt@adobe.com

https://helpx.adobe.com/security/products/acrobat/apsb16-09.html

Source: psirt@adobe.com

PatchVendor Advisory

http://www.securityfocus.com/bid/84216

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1035199

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zerodayinitiative.com/advisories/ZDI-16-190

Source: af854a3a-2127-422b-91ae-364da2661108

https://helpx.adobe.com/security/products/acrobat/apsb16-09.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.