CVE-2018-16001
First published: Fri Jan 18 2019(Updated: )
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader DC | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader DC | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader DC | >=17.011.30056<=17.011.30106 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30106 | |
| Microsoft Windows Operating System | ||
| Adobe Acrobat Reader DC | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader DC | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat Reader DC | >=17.011.30056<=17.011.30105 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30105 | |
| Apple iOS and macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-16001?
CVE-2018-16001 has been rated as critical due to potential exploitation leading to information disclosure.
How do I fix CVE-2018-16001?
To mitigate CVE-2018-16001, update Adobe Acrobat and Reader to the latest version provided by Adobe.
What are the affected versions for CVE-2018-16001?
CVE-2018-16001 affects Adobe Acrobat and Reader versions 2019.008.20081 and earlier, along with several other versions listed in the vulnerability details.
What types of vulnerabilities does CVE-2018-16001 encompass?
CVE-2018-16001 encompasses an out-of-bounds read vulnerability that could allow an attacker to read sensitive data.
Can CVE-2018-16001 affect my system if I use a non-Adobe PDF viewer?
CVE-2018-16001 specifically affects Adobe Acrobat and Reader, so other non-Adobe PDF viewers are not impacted by this vulnerability.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/remedy
- agent/author
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat reader dc
- version/adobe acrobat reader dc/15.006.30060
- version/adobe acrobat reader dc/15.006.30457
- version/adobe acrobat reader dc/15.008.20082
- version/adobe acrobat reader dc/19.008.20081
- version/adobe acrobat reader dc/17.011.30056
- version/adobe acrobat reader dc/17.011.30106
- canonical/adobe acrobat reader
- version/adobe acrobat reader/15.006.30060
- version/adobe acrobat reader/15.006.30457
- version/adobe acrobat reader/15.008.20082
- version/adobe acrobat reader/19.008.20081
- version/adobe acrobat reader/17.011.30059
- version/adobe acrobat reader/17.011.30106
- vendor/microsoft
- canonical/microsoft windows operating system
- version/adobe acrobat reader dc/15.006.30456
- version/adobe acrobat reader dc/19.008.20080
- version/adobe acrobat reader dc/17.011.30105
- version/adobe acrobat reader/15.006.30456
- version/adobe acrobat reader/19.008.20080
- version/adobe acrobat reader/17.011.30105
- vendor/apple
- canonical/apple ios and macos