CVE-2018-16011

HIGH

Adobe Acrobat and Reader DC < 15.006.30461, 15.008.20082-19.010.20064 - Use-After-Free

Title source: llm
STIX 2.1

Description

Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106164
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106447
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/acrobat/apsb19-02.html

Scores

CVSS v3 8.8
EPSS 0.0841
EPSS Percentile 94.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (4)
adobe/acrobat_dc 15.006.30060 - 15.006.30461
adobe/acrobat_dc 15.008.20082 - 19.010.20064
adobe/acrobat_reader_dc 15.006.30060 - 15.006.30461
adobe/acrobat_reader_dc 15.008.20082 - 19.010.20064
Published Jan 18, 2019
Tracked Since Feb 18, 2026