First published: Wed May 11 2016(Updated: )
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS and macOS | ||
Microsoft Windows | ||
Adobe Acrobat Reader | <=11.0.15 | |
Adobe Acrobat Reader | <=15.006.30121 | |
Adobe Acrobat Reader | <=15.010.20060 | |
Adobe Acrobat Reader Notification Manager | <=15.006.30121 | |
Adobe Acrobat Reader Notification Manager | <=15.010.20060 | |
Adobe Acrobat Reader | <=11.0.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-1053 is classified as a critical vulnerability due to its potential for arbitrary code execution.
To fix CVE-2016-1053, update Adobe Reader and Acrobat to the latest version as specified by Adobe.
CVE-2016-1053 affects Adobe Reader and Acrobat on Windows and macOS systems before specific versions.
Adobe Reader, Acrobat, and Acrobat DC Classic and Continuous versions below their respective thresholds are vulnerable to CVE-2016-1053.
Yes, CVE-2016-1053 can potentially be exploited remotely if a user opens a malicious PDF file.