CVE-2018-16007: Integer Overflow
First published: Fri Jan 18 2019(Updated: )
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat | >=17.011.30056<=17.011.30106 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30106 | |
| Microsoft Windows | ||
| Adobe Acrobat | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat | >=17.011.30056<=17.011.30105 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30105 | |
| Apple iOS and macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-16007?
CVE-2018-16007 is rated as a critical vulnerability allowing integer overflow that could potentially lead to arbitrary code execution.
How do I fix CVE-2018-16007?
To fix CVE-2018-16007, update your Adobe Acrobat and Reader to the latest version to mitigate the vulnerability.
Which versions are affected by CVE-2018-16007?
CVE-2018-16007 affects Adobe Acrobat and Reader 2019.008.20081 and earlier, among other versions listed in the Adobe security bulletin.
What impact does CVE-2018-16007 have on users?
CVE-2018-16007 can allow attackers to execute arbitrary code on the affected system, posing a significant security risk.
Is there a patch available for CVE-2018-16007?
Yes, Adobe has released security updates that address CVE-2018-16007, and users should ensure they are on the latest software version.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/remedy
- agent/author
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat
- version/adobe acrobat/15.006.30060
- version/adobe acrobat/15.006.30457
- version/adobe acrobat/15.008.20082
- version/adobe acrobat/19.008.20081
- version/adobe acrobat/17.011.30056
- version/adobe acrobat/17.011.30106
- canonical/adobe acrobat reader
- version/adobe acrobat reader/15.006.30060
- version/adobe acrobat reader/15.006.30457
- version/adobe acrobat reader/15.008.20082
- version/adobe acrobat reader/19.008.20081
- version/adobe acrobat reader/17.011.30059
- version/adobe acrobat reader/17.011.30106
- vendor/microsoft
- canonical/microsoft windows
- version/adobe acrobat/15.006.30456
- version/adobe acrobat/19.008.20080
- version/adobe acrobat/17.011.30105
- version/adobe acrobat reader/15.006.30456
- version/adobe acrobat reader/19.008.20080
- version/adobe acrobat reader/17.011.30105
- vendor/apple
- canonical/apple ios and macos