CVE-2016-0932

Use-after-free vulnerability in the Doc object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0934, CVE-2016-0937, CVE-2016-0940, and CVE-2016-0941.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
adobeacrobat_reader
𝑥
≤ 11.0.13
adobeacrobat_reader
11.0.0
adobeacrobat_reader
11.0.1
adobeacrobat_reader
11.0.2
adobeacrobat_reader
11.0.3
adobeacrobat_reader
11.0.4
adobeacrobat_reader
11.0.5
adobeacrobat_reader
11.0.6
adobeacrobat_reader
11.0.7
adobeacrobat_reader
11.0.8
adobeacrobat_reader
11.0.9
adobeacrobat_reader
11.0.10
adobeacrobat_reader
11.0.11
adobeacrobat_reader
11.0.12
adobeacrobat
𝑥
≤ 11.0.13
adobeacrobat
11.0.0
adobeacrobat
11.0.1
adobeacrobat
11.0.2
adobeacrobat
11.0.3
adobeacrobat
11.0.4
adobeacrobat
11.0.5
adobeacrobat
11.0.6
adobeacrobat
11.0.7
adobeacrobat
11.0.8
adobeacrobat
11.0.9
adobeacrobat
11.0.10
adobeacrobat
11.0.11
adobeacrobat
11.0.12
adobeacrobat_dc
𝑥
≤ 15.006.30097
adobeacrobat_dc
𝑥
≤ 15.009.20077
adobeacrobat_reader_dc
𝑥
≤ 15.006.30097
adobeacrobat_reader_dc
𝑥
≤ 15.009.20077
𝑥
= Vulnerable software versions
References
http://www.securitytracker.com/id/1034646
http://zerodayinitiative.com/advisories/ZDI-16-008
https://helpx.adobe.com/security/products/acrobat/apsb16-02.html
http://www.securitytracker.com/id/1034646
http://zerodayinitiative.com/advisories/ZDI-16-008
https://helpx.adobe.com/security/products/acrobat/apsb16-02.html