CVE-2018-16005
First published: Fri Jan 18 2019(Updated: )
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat | >=17.011.30056<=17.011.30106 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30106 | |
| Microsoft Windows | ||
| Adobe Acrobat | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat | >=17.011.30056<=17.011.30105 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30105 | |
| Apple iOS and macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-16005?
CVE-2018-16005 has a severity rating that indicates it could lead to out-of-bounds read vulnerabilities in specific Adobe Acrobat and Reader versions.
How do I fix CVE-2018-16005?
To fix CVE-2018-16005, update your Adobe Acrobat and Reader software to the latest version available from Adobe.
Which versions of Adobe Acrobat are affected by CVE-2018-16005?
CVE-2018-16005 affects Adobe Acrobat versions up to 2019.008.20081 and earlier, as well as various earlier versions of Acrobat Reader.
What are the potential impacts of CVE-2018-16005?
The potential impacts of CVE-2018-16005 include the possibility of unauthorized access to sensitive information or system crashes.
Is there a workaround for CVE-2018-16005?
Currently, the best workaround for CVE-2018-16005 is to use unaffected versions of Adobe Acrobat or Reader until you can apply the security update.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/remedy
- agent/author
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat
- version/adobe acrobat/15.006.30060
- version/adobe acrobat/15.006.30457
- version/adobe acrobat/15.008.20082
- version/adobe acrobat/19.008.20081
- version/adobe acrobat/17.011.30056
- version/adobe acrobat/17.011.30106
- canonical/adobe acrobat reader
- version/adobe acrobat reader/15.006.30060
- version/adobe acrobat reader/15.006.30457
- version/adobe acrobat reader/15.008.20082
- version/adobe acrobat reader/19.008.20081
- version/adobe acrobat reader/17.011.30059
- version/adobe acrobat reader/17.011.30106
- vendor/microsoft
- canonical/microsoft windows
- version/adobe acrobat/15.006.30456
- version/adobe acrobat/19.008.20080
- version/adobe acrobat/17.011.30105
- version/adobe acrobat reader/15.006.30456
- version/adobe acrobat reader/19.008.20080
- version/adobe acrobat reader/17.011.30105
- vendor/apple
- canonical/apple ios and macos