Kaspersky LabKLA10734KLA10734 Multiple vulnerabilities in Adobe products
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.132 Low
EPSS
Percentile
95.5%
Detect date:
01/12/2016
Severity:
Critical
Description:
Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions or execute arbitrary code.
Affected products:
Adobe Acrobat DC Continuous versions earlier than 15.010.20056
Adobe Acrobat Reader DC Continuous versions earlier than 15.010.20056
Adobe Acrobat DC Classic versions earlier than 15.006.30119
Adobe Acrobat Reader DC Classic versions earlier than 15.006.30119
Adobe Acrobat XI versions earlier than 11.0.14
Adobe Reader XI versions earlier than 11.0.14
Solution:
Update to the latest version
Get Adobe Reader
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2016-09316.8High
CVE-2016-09326.8High
CVE-2016-09346.8High
CVE-2016-09356.8High
CVE-2016-09369.3Critical
CVE-2016-09379.3Critical
CVE-2016-09389.3Critical
CVE-2016-09396.8High
CVE-2016-09416.8High
CVE-2016-09436.8High
CVE-2016-09477.2High
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0931
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0932
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0934
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0935
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0936
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0937
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0939
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0941
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0943
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0947
get.adobe.com/reader/
helpx.adobe.com/security/products/reader/apsb16-02.html
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Adobe-Acrobat-DC-Classic/
threats.kaspersky.com/en/product/Adobe-Acrobat-DC-Continuous/
threats.kaspersky.com/en/product/Adobe-Acrobat-Reader-DC-Classic/
threats.kaspersky.com/en/product/Adobe-Acrobat-Reader-DC-Continuous/
threats.kaspersky.com/en/product/Adobe-Acrobat-X/
threats.kaspersky.com/en/product/Adobe-Acrobat-XI/
threats.kaspersky.com/en/product/Adobe-Reader-X/
threats.kaspersky.com/en/product/Adobe-Reader-XI/
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.132 Low
EPSS
Percentile
95.5%