What is the severity of CVE-2016-1094?

CVE-2016-1094 has a critical severity rating as it allows attackers to execute arbitrary code on affected systems.

How do I fix CVE-2016-1094?

To fix CVE-2016-1094, update Adobe Reader or Acrobat to the latest version that is not affected by this vulnerability.

Which versions of Adobe Reader and Acrobat are affected by CVE-2016-1094?

Adobe Reader and Acrobat versions before 11.0.16 and versions of Acrobat DC before 15.006.30172 are affected by CVE-2016-1094.

Can CVE-2016-1094 be exploited remotely?

Yes, CVE-2016-1094 can potentially be exploited remotely through malicious PDF files.

Is macOS vulnerable to CVE-2016-1094?

No, macOS itself is not vulnerable to CVE-2016-1094; it is specifically an issue with Adobe products running on supported operating systems.

Vulnerability/
CVE-2016-1094

critical

CWE

416

11/5/2016

5/8/2024

CVE-2016-1094: Use After Free

First published: Wed May 11 2016(Updated: )

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Apple iOS and macOS
Microsoft Windows
Adobe Acrobat Reader	<=15.006.30121
Adobe Acrobat Reader	<=15.010.20060
Adobe Acrobat Reader Notification Manager	<=15.006.30121
Adobe Acrobat Reader Notification Manager	<=15.010.20060
Adobe Acrobat	<=11.0.15
Adobe Acrobat Reader	<=11.0.15

Remedy

https://helpx.adobe.com/security/products/acrobat/apsb16-14.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-1094?
CVE-2016-1094 has a critical severity rating as it allows attackers to execute arbitrary code on affected systems.
How do I fix CVE-2016-1094?
To fix CVE-2016-1094, update Adobe Reader or Acrobat to the latest version that is not affected by this vulnerability.
Which versions of Adobe Reader and Acrobat are affected by CVE-2016-1094?
Adobe Reader and Acrobat versions before 11.0.16 and versions of Acrobat DC before 15.006.30172 are affected by CVE-2016-1094.
Can CVE-2016-1094 be exploited remotely?
Yes, CVE-2016-1094 can potentially be exploited remotely through malicious PDF files.
Is macOS vulnerable to CVE-2016-1094?
No, macOS itself is not vulnerable to CVE-2016-1094; it is specifically an issue with Adobe products running on supported operating systems.

agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/author
agent/remedy
agent/severity
agent/references
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
vendor/apple
canonical/apple ios and macos
vendor/microsoft
canonical/microsoft windows
vendor/adobe
canonical/adobe acrobat reader
version/adobe acrobat reader/15.006.30121
version/adobe acrobat reader/15.010.20060
canonical/adobe acrobat reader notification manager
version/adobe acrobat reader notification manager/15.006.30121
version/adobe acrobat reader notification manager/15.010.20060
canonical/adobe acrobat
version/adobe acrobat/11.0.15
version/adobe acrobat reader/11.0.15