CVE-2016-1008
Description
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
Risk Information
Base Score
8.4
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.586
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are fixed in Adobe Reader 11.0.15 security update - All languages (APSB16-09) | Windows |
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are fixed in Adobe Acrobat 11.0.15 Pro and Standard security update - All languages (APSB16-09) | Windows |
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are fixed in Adobe Acrobat DC 15.010.20060 | Windows |
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are fixed in Adobe Acrobat DC 15.006.30121 | Windows |
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are affected in Acrobat DC 15.010.20059 | Windows |
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are affected in Acrobat Reader 11.0.14 | Windows |
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are affected in Adobe Acrobat DC for MAC 15.006.30119 | Mac |
| Vulnerabilities CVE-2016-1007,CVE-2016-1008,CVE-2016-1009 are affected in Adobe Acrobat Reader DC for MAC 15.010.20059 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-303268 | Adobe Reader 11.0.15 security update - All languages (APSB16-09) |
| PATCH-303267 | Adobe Acrobat 11.0.15 Pro and Standard security update - All languages (APSB16-09) |
| PATCH-343120 | Adobe Acrobat Reader DC (24.004.20272) |
| PATCH-315460 | Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages (15.006.30527) (APSB20-48) |
| PATCH-343119 | Adobe Acrobat DC Pro and Standard (Continuous Track) update - All languages (24.004.20272) |
| PATCH-315465 | Adobe Acrobat Reader MUI DC (Classic Track) update - All languages (15.006.30527) (APSB20-48) |
| PATCH-611991 | Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only) |
| PATCH-611989 | Adobe Acrobat Reader DC for MAC (25.001.20693)(Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234