Sign-up

ID

VAR-201605-0380


CVE

CVE-2016-1043


TITLE

Windows and Mac OS X Run on Adobe Reader and Acrobat Integer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-002602

DESCRIPTION

Integer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of XFA FormCalc. A specially crafted replace call can trigger an integer overflow condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Adobe Reader and Acrobat are prone to an integer-overflow vulnerability. Failed exploit attempts will likely result in denial-of-service conditions. Note: This issue was previously titled 'Adobe Reader and Acrobat CVE-2016-1043 Unspecified Integer Overflow Vulnerability'. The title has been changed to better reflect the vulnerability information. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF

Trust: 2.7

sources: NVD: CVE-2016-1043 // JVNDB: JVNDB-2016-002602 // ZDI: ZDI-16-286 // BID: 90516 // VULHUB: VHN-89205 // VULMON: CVE-2016-1043

AFFECTED PRODUCTS

vendor:adobemodel:acrobat dcscope:lteversion:15.006.30121

Trust: 1.0

vendor:adobemodel:acrobat dcscope:lteversion:15.010.20060

Trust: 1.0

vendor:adobemodel:acrobat reader dcscope:lteversion:15.006.30121

Trust: 1.0

vendor:adobemodel:readerscope:lteversion:11.0.15

Trust: 1.0

vendor:adobemodel:acrobat reader dcscope:lteversion:15.010.20060

Trust: 1.0

vendor:adobemodel:acrobatscope:lteversion:11.0.15

Trust: 1.0

vendor:adobemodel:acrobatscope:ltversion:xi desktop 11.0.16 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat dcscope:ltversion:classic 15.006.30172 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat dcscope:ltversion:continuous track 15.016.20039 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat reader dcscope:ltversion:classic 15.006.30172 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat reader dcscope:ltversion:continuous track 15.016.20039 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:readerscope:ltversion:xi desktop 11.0.16 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:acrobat reader dcscope: - version: -

Trust: 0.7

vendor:microsoftmodel:windowsscope: - version: -

Trust: 0.6

sources: ZDI: ZDI-16-286 // JVNDB: JVNDB-2016-002602 // CNNVD: CNNVD-201605-242 // NVD: CVE-2016-1043

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-1043
value: CRITICAL

Trust: 1.0

NVD: CVE-2016-1043
value: CRITICAL

Trust: 0.8

ZDI: CVE-2016-1043
value: MEDIUM

Trust: 0.7

CNNVD: CNNVD-201605-242
value: CRITICAL

Trust: 0.6

VULHUB: VHN-89205
value: HIGH

Trust: 0.1

VULMON: CVE-2016-1043
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-1043
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

ZDI: CVE-2016-1043
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.7

VULHUB: VHN-89205
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-1043
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: ZDI: ZDI-16-286 // VULHUB: VHN-89205 // VULMON: CVE-2016-1043 // JVNDB: JVNDB-2016-002602 // CNNVD: CNNVD-201605-242 // NVD: CVE-2016-1043

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-89205 // JVNDB: JVNDB-2016-002602 // NVD: CVE-2016-1043

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201605-242

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201605-242

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2016-002602

PATCH
title:APSB16-14url:https://helpx.adobe.com/security/products/acrobat/apsb16-14.html
Trust: 1.5
title:APSB16-14url:https://helpx.adobe.com/jp/security/products/reader/apsb16-14.html
Trust: 0.8
title:アドビ システムズ社 Adobe Reader の脆弱性に関するお知らせurl:http://www.fmworld.net/biz/common/adobe/20160512.html
Trust: 0.8
title:Multiple Adobe Product Integer Overflow Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61560
Trust: 0.6
sources:
            
            
            ZDI: ZDI-16-286 // 
            
            
            
            JVNDB: JVNDB-2016-002602 // 
            
            
            
            CNNVD: CNNVD-201605-242

EXTERNAL IDS
db:NVDid:CVE-2016-1043
Trust: 3.6
db:ZDIid:ZDI-16-286
Trust: 2.2
db:BIDid:90516
Trust: 1.5
db:SECTRACKid:1035828
Trust: 1.2
db:JVNDBid:JVNDB-2016-002602
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-3414
Trust: 0.7
db:CNNVDid:CNNVD-201605-242
Trust: 0.7
db:AUSCERTid:ESB-2016.1146
Trust: 0.6
db:VULHUBid:VHN-89205
Trust: 0.1
db:VULMONid:CVE-2016-1043
Trust: 0.1
sources:
            
            
            ZDI: ZDI-16-286 // 
            
            
            
            VULHUB: VHN-89205 // 
            
            
            
            VULMON: CVE-2016-1043 // 
            
            
            
            BID: 90516 // 
            
            
            
            JVNDB: JVNDB-2016-002602 // 
            
            
            
            CNNVD: CNNVD-201605-242 // 
            
            
            
            NVD: CVE-2016-1043

REFERENCES
url:https://helpx.adobe.com/security/products/acrobat/apsb16-14.html
Trust: 2.8
url:http://www.zerodayinitiative.com/advisories/zdi-16-286
Trust: 1.5
url:http://www.securityfocus.com/bid/90516
Trust: 1.2
url:http://www.securitytracker.com/id/1035828
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1043
Trust: 0.8
url:https://www.ipa.go.jp/security/ciadr/vul/20160511-adobereader.html
Trust: 0.8
url:https://www.jpcert.or.jp/at/2016/at160023.html
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1043
Trust: 0.8
url:http://www.npa.go.jp/cyberpolice/topics/?seq=18377
Trust: 0.8
url:https://www.auscert.org.au/render.html?it=34330
Trust: 0.6
url:http://www.adobe.com/products/acrobat.html
Trust: 0.3
url:http://www.adobe.com
Trust: 0.3
url:http://get.adobe.com/reader/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=46348
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            ZDI: ZDI-16-286 // 
            
            
            
            VULHUB: VHN-89205 // 
            
            
            
            VULMON: CVE-2016-1043 // 
            
            
            
            BID: 90516 // 
            
            
            
            JVNDB: JVNDB-2016-002602 // 
            
            
            
            CNNVD: CNNVD-201605-242 // 
            
            
            
            NVD: CVE-2016-1043

CREDITS
Anonymous working with Trend Micro's Zero Day Initiative
Trust: 0.9
sources:
            
            
            BID: 90516 // 
            
            
            
            CNNVD: CNNVD-201605-242

SOURCES
db:ZDIid:ZDI-16-286
db:VULHUBid:VHN-89205
db:VULMONid:CVE-2016-1043
db:BIDid:90516
db:JVNDBid:JVNDB-2016-002602
db:CNNVDid:CNNVD-201605-242
db:NVDid:CVE-2016-1043

LAST UPDATE DATE
2025-04-13T23:03:04.469000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-16-286date:2016-05-10T00:00:00
db:VULHUBid:VHN-89205date:2016-12-01T00:00:00
db:VULMONid:CVE-2016-1043date:2016-12-01T00:00:00
db:BIDid:90516date:2016-07-06T14:39:00
db:JVNDBid:JVNDB-2016-002602date:2016-05-16T00:00:00
db:CNNVDid:CNNVD-201605-242date:2016-05-11T00:00:00
db:NVDid:CVE-2016-1043date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:ZDIid:ZDI-16-286date:2016-05-10T00:00:00
db:VULHUBid:VHN-89205date:2016-05-11T00:00:00
db:VULMONid:CVE-2016-1043date:2016-05-11T00:00:00
db:BIDid:90516date:2016-05-10T00:00:00
db:JVNDBid:JVNDB-2016-002602date:2016-05-16T00:00:00
db:CNNVDid:CNNVD-201605-242date:2016-05-11T00:00:00
db:NVDid:CVE-2016-1043date:2016-05-11T10:59:07.537