What is the severity of CVE-2016-4250?

CVE-2016-4250 is classified as a critical vulnerability allowing attackers to execute arbitrary code.

How do I fix CVE-2016-4250?

To fix CVE-2016-4250, update Adobe Reader and Acrobat to the latest version available.

Which versions are affected by CVE-2016-4250?

CVE-2016-4250 affects Adobe Reader and Acrobat versions prior to 11.0.17 and for specific Classic and Continuous builds of Acrobat DC.

What types of attacks can CVE-2016-4250 facilitate?

CVE-2016-4250 can facilitate arbitrary code execution and denial of service attacks through memory corruption.

Can CVE-2016-4250 be exploited remotely?

Yes, CVE-2016-4250 can be exploited remotely without any user interaction through specially crafted PDFs.

Vulnerability/
CVE-2016-4250

critical

CWE

119

13/7/2016

6/8/2024

CVE-2016-4250: Buffer Overflow

First published: Wed Jul 13 2016(Updated: )

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Apple iOS and macOS
Microsoft Windows Operating System
Adobe Acrobat Reader	<=11.0.16
Adobe Acrobat Reader DC	<=15.006.30174
Adobe Acrobat Reader DC	<=15.016.20045
Adobe Acrobat Reader	<=15.006.30174
Adobe Acrobat Reader	<=15.016.20045
Adobe Acrobat Reader	<=11.0.16

Remedy

https://helpx.adobe.com/security/products/acrobat/apsb16-26.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-4250?
CVE-2016-4250 is classified as a critical vulnerability allowing attackers to execute arbitrary code.
How do I fix CVE-2016-4250?
To fix CVE-2016-4250, update Adobe Reader and Acrobat to the latest version available.
Which versions are affected by CVE-2016-4250?
CVE-2016-4250 affects Adobe Reader and Acrobat versions prior to 11.0.17 and for specific Classic and Continuous builds of Acrobat DC.
What types of attacks can CVE-2016-4250 facilitate?
CVE-2016-4250 can facilitate arbitrary code execution and denial of service attacks through memory corruption.
Can CVE-2016-4250 be exploited remotely?
Yes, CVE-2016-4250 can be exploited remotely without any user interaction through specially crafted PDFs.

agent/type
agent/severity
agent/references
agent/remedy
agent/weakness
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/apple
canonical/apple ios and macos
vendor/microsoft
canonical/microsoft windows operating system
vendor/adobe
canonical/adobe acrobat reader
version/adobe acrobat reader/11.0.16
canonical/adobe acrobat reader dc
version/adobe acrobat reader dc/15.006.30174
version/adobe acrobat reader dc/15.016.20045
version/adobe acrobat reader/15.006.30174
version/adobe acrobat reader/15.016.20045