Details of VAR-201601-0596

ID

VAR-201601-0596

CVE

CVE-2016-0935

TITLE

Windows and Mac OS X Run on Adobe Reader and Acrobat Memory double free vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-001037

DESCRIPTION

Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted ExtGState dictionary. Supplementary information : CWE Vulnerability type by CWE-415: Double Free ( Double release ) Has been identified. http://cwe.mitre.org/data/definitions/415.htmlCrafted by attackers ExtGState Arbitrary code may be executed through the dictionary. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the handling of the ExtGState dictionary within PDFs. The issue lies in the processing of malformed dictionaries leading to a double free. Failed exploit attempts will likely cause denial-of-service conditions. Adobe Acrobat DC, etc. are all products of Adobe (Adobe) in the United States. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF

Trust: 2.61

sources: NVD: CVE-2016-0935 // JVNDB: JVNDB-2016-001037 // ZDI: ZDI-16-017 // BID: 80363 // VULHUB: VHN-88445

AFFECTED PRODUCTS

vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.8	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.10	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.6	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.5	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.7	Trust: 1.6
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.3	Trust: 1.6
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.6	Trust: 1.6
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.5	Trust: 1.6
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.9	Trust: 1.6
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.4	Trust: 1.6
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.2	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.11	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.9	Trust: 1.0
vendor:	adobe	model:	acrobat dc	scope:	lte	version:	15.006.30097	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.10	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	lte	version:	11.0.13	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.11	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.3	Trust: 1.0
vendor:	adobe	model:	acrobat reader dc	scope:	lte	version:	15.006.30097	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.7	Trust: 1.0
vendor:	adobe	model:	acrobat dc	scope:	lte	version:	15.009.20077	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.0	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.12	Trust: 1.0
vendor:	adobe	model:	acrobat reader dc	scope:	lte	version:	15.009.20077	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.1	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.0	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.12	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	lte	version:	11.0.13	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.1	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.4	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	eq	version:	11.0.8	Trust: 1.0
vendor:	adobe	model:	acrobat reader	scope:	eq	version:	11.0.2	Trust: 1.0
vendor:	adobe	model:	acrobat	scope:	lt	version:	xi desktop 11.0.14 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	acrobat dc	scope:	lt	version:	classic 15.006.30119 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	acrobat dc	scope:	lt	version:	continuous track 15.010.20056 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	acrobat reader dc	scope:	lt	version:	classic 15.006.30119 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	acrobat reader dc	scope:	lt	version:	continuous track 15.010.20056 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	reader	scope:	lt	version:	xi desktop 11.0.14 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	reader	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-16-017 // JVNDB: JVNDB-2016-001037 // CNNVD: CNNVD-201601-235 // NVD: CVE-2016-0935

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-0935
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-0935
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2016-0935
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201601-235
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-88445
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2016-0935
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 2.5
VULHUB:	VHN-88445
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2016-0935
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.0

sources: ZDI: ZDI-16-017 // VULHUB: VHN-88445 // JVNDB: JVNDB-2016-001037 // CNNVD: CNNVD-201601-235 // NVD: CVE-2016-0935

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2016-001037 // NVD: CVE-2016-0935

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201601-235

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201601-235

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-001037

PATCH

title:	APSB16-02	url:	https://helpx.adobe.com/security/products/acrobat/apsb16-02.html	Trust: 1.5
title:	APSB16-02	url:	https://helpx.adobe.com/jp/security/products/reader/apsb16-02.html	Trust: 0.8
title:	アドビシステムズ社 Adobe Reader の脆弱性に関するお知らせ	url:	http://www.fmworld.net/biz/common/adobe/20160114.html	Trust: 0.8
title:	Multiple Adobe Product double release vulnerability repair measures	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59582	Trust: 0.6

sources: ZDI: ZDI-16-017 // JVNDB: JVNDB-2016-001037 // CNNVD: CNNVD-201601-235

EXTERNAL IDS

db:	NVD	id:	CVE-2016-0935	Trust: 3.5
db:	ZDI	id:	ZDI-16-017	Trust: 2.7
db:	SECTRACK	id:	1034646	Trust: 1.1
db:	JVNDB	id:	JVNDB-2016-001037	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-3273	Trust: 0.7
db:	CNNVD	id:	CNNVD-201601-235	Trust: 0.7
db:	BID	id:	80363	Trust: 0.4
db:	VULHUB	id:	VHN-88445	Trust: 0.1

sources: ZDI: ZDI-16-017 // VULHUB: VHN-88445 // BID: 80363 // JVNDB: JVNDB-2016-001037 // CNNVD: CNNVD-201601-235 // NVD: CVE-2016-0935

REFERENCES

url:	https://helpx.adobe.com/security/products/acrobat/apsb16-02.html	Trust: 2.7
url:	http://zerodayinitiative.com/advisories/zdi-16-017	Trust: 1.7
url:	http://www.securitytracker.com/id/1034646	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-0935	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20160113-adobereader.html	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2016/at160003.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-0935	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/topics/?seq=17575	Trust: 0.8
url:	http://www.adobe.com/products/acrobat/	Trust: 0.3
url:	http://www.adobe.com	Trust: 0.3
url:	http://get.adobe.com/reader/	Trust: 0.3
url:	https://helpx.adobe.com/security/products/reader/apsb16-02.html	Trust: 0.3
url:	http://www.zerodayinitiative.com/advisories/zdi-16-017/	Trust: 0.3

sources: ZDI: ZDI-16-017 // VULHUB: VHN-88445 // BID: 80363 // JVNDB: JVNDB-2016-001037 // CNNVD: CNNVD-201601-235 // NVD: CVE-2016-0935

CREDITS

kdot

Trust: 0.7

sources: ZDI: ZDI-16-017

SOURCES

db:	ZDI	id:	ZDI-16-017
db:	VULHUB	id:	VHN-88445
db:	BID	id:	80363
db:	JVNDB	id:	JVNDB-2016-001037
db:	CNNVD	id:	CNNVD-201601-235
db:	NVD	id:	CVE-2016-0935

LAST UPDATE DATE

2024-11-23T21:43:24.782000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-16-017	date:	2016-01-12T00:00:00
db:	VULHUB	id:	VHN-88445	date:	2016-12-07T00:00:00
db:	BID	id:	80363	date:	2016-02-02T20:26:00
db:	JVNDB	id:	JVNDB-2016-001037	date:	2016-01-15T00:00:00
db:	CNNVD	id:	CNNVD-201601-235	date:	2016-01-15T00:00:00
db:	NVD	id:	CVE-2016-0935	date:	2024-11-21T02:42:39.990

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-16-017	date:	2016-01-12T00:00:00
db:	VULHUB	id:	VHN-88445	date:	2016-01-14T00:00:00
db:	BID	id:	80363	date:	2016-01-12T00:00:00
db:	JVNDB	id:	JVNDB-2016-001037	date:	2016-01-15T00:00:00
db:	CNNVD	id:	CNNVD-201601-235	date:	2016-01-15T00:00:00
db:	NVD	id:	CVE-2016-0935	date:	2016-01-14T05:59:04.343