What is the severity of CVE-2018-16009?

CVE-2018-16009 has a critical severity rating due to its potential to allow arbitrary code execution.

How do I fix CVE-2018-16009?

To fix CVE-2018-16009, update Adobe Acrobat and Reader to the latest version provided by Adobe.

Which versions are affected by CVE-2018-16009?

CVE-2018-16009 affects Adobe Acrobat and Reader versions prior to 2019.008.20082 and 2017.011.30107.

What types of vulnerabilities does CVE-2018-16009 involve?

CVE-2018-16009 involves an integer overflow vulnerability that may lead to memory corruption.

Are Adobe Acrobat Reader DC versions vulnerable to CVE-2018-16009?

Yes, Adobe Acrobat Reader DC versions noted in the vulnerability details are vulnerable to CVE-2018-16009.

Vulnerability/
CVE-2018-16009

medium

6.5

CWE

190

18/1/2019

5/8/2024

CVE-2018-16009: Integer Overflow

First published: Fri Jan 18 2019(Updated: )

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an integer overflow vulnerability. Successful exploitation could lead to information disclosure.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Acrobat	>=15.006.30060<=15.006.30457
Adobe Acrobat	>=15.008.20082<=19.008.20081
Adobe Acrobat	>=17.011.30056<=17.011.30106
Adobe Acrobat Reader	>=15.006.30060<=15.006.30457
Adobe Acrobat Reader	>=15.008.20082<=19.008.20081
Adobe Acrobat Reader	>=17.011.30059<=17.011.30106
Microsoft Windows
Adobe Acrobat	>=15.006.30060<=15.006.30456
Adobe Acrobat	>=15.008.20082<=19.008.20080
Adobe Acrobat	>=17.011.30056<=17.011.30105
Adobe Acrobat Reader	>=15.006.30060<=15.006.30456
Adobe Acrobat Reader	>=15.008.20082<=19.008.20080
Adobe Acrobat Reader	>=17.011.30059<=17.011.30105
Apple iOS and macOS

Remedy

https://helpx.adobe.com/security/products/acrobat/apsb18-41.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-16009?
CVE-2018-16009 has a critical severity rating due to its potential to allow arbitrary code execution.
How do I fix CVE-2018-16009?
To fix CVE-2018-16009, update Adobe Acrobat and Reader to the latest version provided by Adobe.
Which versions are affected by CVE-2018-16009?
CVE-2018-16009 affects Adobe Acrobat and Reader versions prior to 2019.008.20082 and 2017.011.30107.
What types of vulnerabilities does CVE-2018-16009 involve?
CVE-2018-16009 involves an integer overflow vulnerability that may lead to memory corruption.
Are Adobe Acrobat Reader DC versions vulnerable to CVE-2018-16009?
Yes, Adobe Acrobat Reader DC versions noted in the vulnerability details are vulnerable to CVE-2018-16009.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/remedy
agent/author
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe acrobat
version/adobe acrobat/15.006.30060
version/adobe acrobat/15.006.30457
version/adobe acrobat/15.008.20082
version/adobe acrobat/19.008.20081
version/adobe acrobat/17.011.30056
version/adobe acrobat/17.011.30106
canonical/adobe acrobat reader
version/adobe acrobat reader/15.006.30060
version/adobe acrobat reader/15.006.30457
version/adobe acrobat reader/15.008.20082
version/adobe acrobat reader/19.008.20081
version/adobe acrobat reader/17.011.30059
version/adobe acrobat reader/17.011.30106
vendor/microsoft
canonical/microsoft windows
version/adobe acrobat/15.006.30456
version/adobe acrobat/19.008.20080
version/adobe acrobat/17.011.30105
version/adobe acrobat reader/15.006.30456
version/adobe acrobat reader/19.008.20080
version/adobe acrobat reader/17.011.30105
vendor/apple
canonical/apple ios and macos