Vulnerability Name: CVE-2016-0946 (CCN-109577) Assigned: 2015-12-22 Published: 2016-01-12 Updated: 2016-12-07 Summary: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931 , CVE-2016-0933 , CVE-2016-0936 , CVE-2016-0938 , CVE-2016-0939 , CVE-2016-0942 , CVE-2016-0944 , and CVE-2016-0945 . CVSS v3 Severity: 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H )8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H )6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): RequiredScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C )Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): Single_InstanceImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-119 Vulnerability Consequences: Gain Access References: Source: MITRE Type: CNACVE-2016-0946 Source: SECTRACK Type: Third Party Advisory, VDB Entry1034646 Source: XF Type: UNKNOWNadobe-cve20160946-code-exec(109577) Source: CCN Type: Adobe Security Bulletin APSB16-02Security Updates Available for Adobe Acrobat and Reader Source: CONFIRM Type: Patch, Vendor Advisoryhttps://helpx.adobe.com/security/products/acrobat/apsb16-02.html Vulnerable Configuration: Configuration 1 :cpe:/a:adobe:acrobat_reader:11.0.0:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.1:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.2:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.3:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.4:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.5:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.6:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.7:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.8:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.9:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.10:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.11:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:11.0.12:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader:*:*:*:*:*:*:*:* (Version <= 11.0.13) AND cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:*:*:*:*:*:*:*:* Configuration 2 :cpe:/a:adobe:acrobat:11.0.0:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.1:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.2:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.3:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.4:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.5:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.6:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.7:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.8:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.9:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.10:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.11:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:11.0.12:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat:*:*:*:*:*:*:*:* (Version <= 11.0.13) AND cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:*:*:*:*:*:*:*:* Configuration 3 :cpe:/a:adobe:acrobat_dc:*:*:*:*:classic:*:*:* (Version <= 15.006.30097)OR cpe:/a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:* (Version <= 15.009.20077) OR cpe:/a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:* (Version <= 15.006.30097) OR cpe:/a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:* (Version <= 15.009.20077) AND cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:*:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:adobe:acrobat_dc:15.009.20077:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_dc:15.006.30097:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader_dc:15.009.20077:*:*:*:*:*:*:* OR cpe:/a:adobe:acrobat_reader_dc:15.006.30097:*:*:*:*:*:*:* Denotes that component is vulnerable BACK
adobe acrobat reader 11.0.0
adobe acrobat reader 11.0.1
adobe acrobat reader 11.0.2
adobe acrobat reader 11.0.3
adobe acrobat reader 11.0.4
adobe acrobat reader 11.0.5
adobe acrobat reader 11.0.6
adobe acrobat reader 11.0.7
adobe acrobat reader 11.0.8
adobe acrobat reader 11.0.9
adobe acrobat reader 11.0.10
adobe acrobat reader 11.0.11
adobe acrobat reader 11.0.12
adobe acrobat reader *
apple mac os x *
microsoft windows *
adobe acrobat 11.0.0
adobe acrobat 11.0.1
adobe acrobat 11.0.2
adobe acrobat 11.0.3
adobe acrobat 11.0.4
adobe acrobat 11.0.5
adobe acrobat 11.0.6
adobe acrobat 11.0.7
adobe acrobat 11.0.8
adobe acrobat 11.0.9
adobe acrobat 11.0.10
adobe acrobat 11.0.11
adobe acrobat 11.0.12
adobe acrobat *
apple mac os x *
microsoft windows *
adobe acrobat dc *
adobe acrobat dc *
adobe acrobat reader dc *
adobe acrobat reader dc *
apple mac os x *
microsoft windows *
adobe acrobat dc 15.009.20077
adobe acrobat dc 15.006.30097
adobe acrobat reader dc 15.009.20077
adobe acrobat reader dc 15.006.30097