Lucene search
AbdulAziz Hariri and Jasiel Spelman of HPE's Zero Day InitiativeZDI-16-327HistoryMay 10, 2016 - 12:00 a.m.
Adobe Acrobat Pro DC ImageConversion TIFF TAGTYPE Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2016-05-1000:00:00
AbdulAziz Hariri and Jasiel Spelman of HPE's Zero Day Initiative
www.zerodayinitiative.com
16
0.059 Low
EPSS
Percentile
93.5%
This vulnerability allows an attacker to leak sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ImageConversion plugin. A specially crafted TIFF image with a specific TAGTYPE value can force Adobe Acrobat Pro DC to read memory past the end of an allocated object. An attacker can use this information in conjunction with other vulnerabilities to execute code in the context of the process.
Related
checkpoint_advisories
checkpoint_advisories
Adobe Reader and Acrobat Information Disclosure (APSB16-14: CVE-2016-1080)
2016-06-28 00:00:00
cve
cve
prion
prion
Memory corruption
2016-05-11 10:59:00
Memory corruption
2016-05-11 10:59:00
Memory corruption
2016-05-11 11:00:00
cvelist
cvelist
nvd
nvd
nessus
nessus
adobe
adobe
APSB16-14 Security Updates Available for Adobe Acrobat and Reader
2016-05-05 00:00:00
openvas
openvas
Adobe Acrobat Security Updates (APSB16-14) - Mac OS X
2016-05-12 00:00:00
Adobe Acrobat Security Updates (APSB16-14) - Windows
2016-05-12 00:00:00
Adobe Reader Security Updates (APSB16-14) - Mac OS X
2016-05-12 00:00:00
kaspersky
kaspersky
KLA10807 Multiple vulnerabilities in Adobe Acrobat
2016-05-10 00:00:00