Sign-up

ID

VAR-201605-0298


CVE

CVE-2016-1112


TITLE

Windows and Mac OS X Run on Adobe Reader and Acrobat Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2016-002658

DESCRIPTION

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to obtain sensitive information via unspecified vectors. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. are all products of Adobe (Adobe) in the United States. An information disclosure vulnerability exists in several Adobe products

Trust: 2.07

sources: NVD: CVE-2016-1112 // JVNDB: JVNDB-2016-002658 // BID: 90510 // VULHUB: VHN-89931 // VULMON: CVE-2016-1112

AFFECTED PRODUCTS

vendor:adobemodel:acrobat dcscope:lteversion:15.006.30121

Trust: 1.0

vendor:adobemodel:acrobat dcscope:lteversion:15.010.20060

Trust: 1.0

vendor:adobemodel:acrobat reader dcscope:lteversion:15.006.30121

Trust: 1.0

vendor:adobemodel:readerscope:lteversion:11.0.15

Trust: 1.0

vendor:adobemodel:acrobat reader dcscope:lteversion:15.010.20060

Trust: 1.0

vendor:adobemodel:acrobatscope:lteversion:11.0.15

Trust: 1.0

vendor:adobemodel:acrobatscope:ltversion:xi desktop 11.0.16 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat dcscope:ltversion:classic 15.006.30172 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat dcscope:ltversion:continuous track 15.016.20039 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat reader dcscope:ltversion:classic 15.006.30172 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat reader dcscope:ltversion:continuous track 15.016.20039 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:readerscope:ltversion:xi desktop 11.0.16 (windows/macintosh)

Trust: 0.8

vendor:microsoftmodel:windowsscope: - version: -

Trust: 0.6

sources: JVNDB: JVNDB-2016-002658 // CNNVD: CNNVD-201605-293 // NVD: CVE-2016-1112

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-1112
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-1112
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201605-293
value: CRITICAL

Trust: 0.6

VULHUB: VHN-89931
value: HIGH

Trust: 0.1

VULMON: CVE-2016-1112
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-1112
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-89931
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-1112
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-89931 // VULMON: CVE-2016-1112 // JVNDB: JVNDB-2016-002658 // CNNVD: CNNVD-201605-293 // NVD: CVE-2016-1112

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-89931 // JVNDB: JVNDB-2016-002658 // NVD: CVE-2016-1112

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-293

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201605-293

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-002658

PATCH
title:APSB16-14url:https://helpx.adobe.com/security/products/acrobat/apsb16-14.html
Trust: 0.8
title:APSB16-14url:https://helpx.adobe.com/jp/security/products/reader/apsb16-14.html
Trust: 0.8
title:アドビ システムズ社 Adobe Reader の脆弱性に関するお知らせurl:http://www.fmworld.net/biz/common/adobe/20160512.html
Trust: 0.8
title:Multiple Adobe Product information disclosure vulnerability repair measuresurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61611
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2016-002658 // 
            
            
            
            CNNVD: CNNVD-201605-293

EXTERNAL IDS
db:NVDid:CVE-2016-1112
Trust: 2.9
db:BIDid:90510
Trust: 1.5
db:SECTRACKid:1035828
Trust: 1.2
db:JVNDBid:JVNDB-2016-002658
Trust: 0.8
db:CNNVDid:CNNVD-201605-293
Trust: 0.7
db:AUSCERTid:ESB-2016.1146
Trust: 0.6
db:VULHUBid:VHN-89931
Trust: 0.1
db:VULMONid:CVE-2016-1112
Trust: 0.1
sources:
            
            
            VULHUB: VHN-89931 // 
            
            
            
            VULMON: CVE-2016-1112 // 
            
            
            
            BID: 90510 // 
            
            
            
            JVNDB: JVNDB-2016-002658 // 
            
            
            
            CNNVD: CNNVD-201605-293 // 
            
            
            
            NVD: CVE-2016-1112

REFERENCES
url:https://helpx.adobe.com/security/products/acrobat/apsb16-14.html
Trust: 1.8
url:http://www.securityfocus.com/bid/90510
Trust: 1.3
url:http://www.securitytracker.com/id/1035828
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1112
Trust: 0.8
url:https://www.ipa.go.jp/security/ciadr/vul/20160511-adobereader.html
Trust: 0.8
url:https://www.jpcert.or.jp/at/2016/at160023.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1112
Trust: 0.8
url:http://www.npa.go.jp/cyberpolice/topics/?seq=18377
Trust: 0.8
url:https://www.auscert.org.au/render.html?it=34330
Trust: 0.6
url:http://www.adobe.com/products/acrobat/
Trust: 0.3
url:http://www.adobe.com/products/reader/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-89931 // 
            
            
            
            VULMON: CVE-2016-1112 // 
            
            
            
            BID: 90510 // 
            
            
            
            JVNDB: JVNDB-2016-002658 // 
            
            
            
            CNNVD: CNNVD-201605-293 // 
            
            
            
            NVD: CVE-2016-1112

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 90510

SOURCES
db:VULHUBid:VHN-89931
db:VULMONid:CVE-2016-1112
db:BIDid:90510
db:JVNDBid:JVNDB-2016-002658
db:CNNVDid:CNNVD-201605-293
db:NVDid:CVE-2016-1112

LAST UPDATE DATE
2025-04-13T23:02:58.018000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-89931date:2016-12-01T00:00:00
db:VULMONid:CVE-2016-1112date:2016-12-01T00:00:00
db:BIDid:90510date:2016-05-10T00:00:00
db:JVNDBid:JVNDB-2016-002658date:2016-05-17T00:00:00
db:CNNVDid:CNNVD-201605-293date:2016-05-11T00:00:00
db:NVDid:CVE-2016-1112date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-89931date:2016-05-11T00:00:00
db:VULMONid:CVE-2016-1112date:2016-05-11T00:00:00
db:BIDid:90510date:2016-05-10T00:00:00
db:JVNDBid:JVNDB-2016-002658date:2016-05-17T00:00:00
db:CNNVDid:CNNVD-201605-293date:2016-05-11T00:00:00
db:NVDid:CVE-2016-1112date:2016-05-11T11:00:23.343