CVE-2016-6939

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6994.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
adobeacrobat
𝑥
≤ 11.0.17
adobeacrobat_dc
𝑥
≤ 15.006.30201
adobeacrobat_dc
𝑥
≤ 15.017.20053
adobeacrobat_reader_dc
𝑥
≤ 15.006.30201
adobeacrobat_reader_dc
𝑥
≤ 15.017.20053
adobereader
𝑥
≤ 11.0.17
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/93487
http://www.securitytracker.com/id/1036986
https://helpx.adobe.com/security/products/acrobat/apsb16-33.html
http://www.securityfocus.com/bid/93487
http://www.securitytracker.com/id/1036986
https://helpx.adobe.com/security/products/acrobat/apsb16-33.html