CVE-2016-4205

CRITICAL

Adobe Reader and Acrobat <11.0.17 <15.006.30198 - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-4205. PoCs published by COSIG.

AI-analyzed exploit summary This is a vulnerability advisory for CVE-2016-4205, detailing a remote code execution flaw in Adobe Acrobat Reader DC due to improper handling of invalid font data in PDF files. The advisory includes a proof-of-concept link but no direct exploit code.

Description

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.

Exploits (1)

exploitdb WRITEUP VERIFIED
by COSIG · textdosmultiple
https://www.exploit-db.com/exploits/40095

This is a vulnerability advisory for CVE-2016-4205, detailing a remote code execution flaw in Adobe Acrobat Reader DC due to improper handling of invalid font data in PDF files. The advisory includes a proof-of-concept link but no direct exploit code.

Classification
Writeup 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Adobe Acrobat Reader DC 15.016.20045 and earlier
No auth needed
Prerequisites: User interaction to open a malicious PDF file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/40095/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/91716
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036281
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/acrobat/apsb16-26.html

Scores

CVSS v3 9.8
EPSS 0.1781
EPSS Percentile 96.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (6)
adobe/acrobat < 11.0.16
adobe/acrobat_dc < 15.006.30174
adobe/acrobat_dc < 15.016.20045
adobe/acrobat_reader_dc < 15.006.30174
adobe/acrobat_reader_dc < 15.016.20045
adobe/reader < 11.0.16
Published Jul 13, 2016
Tracked Since Feb 18, 2026