CVE-2018-16040
CRITICALAdobe Acrobat and Reader DC < 15.006.30457 and 15.008.20082-19.008.20081 - Use-After-Free
Title source: llmDescription
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106164
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/acrobat/apsb18-41.html
Scores
CVSS v3
9.8
EPSS
0.0568
EPSS Percentile
92.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (4)
adobe/acrobat_dc
15.006.30060 - 15.006.30457
adobe/acrobat_dc
15.008.20082 - 19.008.20081
adobe/acrobat_reader_dc
15.006.30060 - 15.006.30457
adobe/acrobat_reader_dc
15.008.20082 - 19.008.20081
Published
Jan 18, 2019
Tracked Since
Feb 18, 2026