What is the severity of CVE-2018-16013?

CVE-2018-16013 has been categorized as a critical severity vulnerability affecting Adobe Acrobat and Reader.

How do I fix CVE-2018-16013?

To fix CVE-2018-16013, users should update Adobe Acrobat and Reader to the latest version available.

What versions of Adobe Acrobat and Reader are affected by CVE-2018-16013?

CVE-2018-16013 affects Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2017.011.30106 and earlier, and 2015.006.30457 and earlier.

What kind of attack vector does CVE-2018-16013 present?

CVE-2018-16013 presents an attack vector that allows for out-of-bounds read vulnerabilities which can be exploited.

Is CVE-2018-16013 exploitable remotely?

Yes, CVE-2018-16013 is exploitable remotely when a user opens a specially crafted PDF file.

Vulnerability/
CVE-2018-16013

medium

5.5

CWE

125

18/1/2019

5/8/2024

CVE-2018-16013

First published: Fri Jan 18 2019(Updated: )

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Acrobat Reader	>=15.006.30060<=15.006.30457
Adobe Acrobat Reader	>=15.008.20082<=19.008.20081
Adobe Acrobat Reader	>=17.011.30056<=17.011.30106
Adobe Acrobat Reader Notification Manager	>=15.006.30060<=15.006.30457
Adobe Acrobat Reader Notification Manager	>=15.008.20082<=19.008.20081
Adobe Acrobat Reader Notification Manager	>=17.011.30059<=17.011.30106
Microsoft Windows
Adobe Acrobat Reader	>=15.006.30060<=15.006.30456
Adobe Acrobat Reader	>=15.008.20082<=19.008.20080
Adobe Acrobat Reader	>=17.011.30056<=17.011.30105
Adobe Acrobat Reader Notification Manager	>=15.006.30060<=15.006.30456
Adobe Acrobat Reader Notification Manager	>=15.008.20082<=19.008.20080
Adobe Acrobat Reader Notification Manager	>=17.011.30059<=17.011.30105
Apple iOS and macOS

Remedy

https://helpx.adobe.com/security/products/acrobat/apsb18-41.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-16013?
CVE-2018-16013 has been categorized as a critical severity vulnerability affecting Adobe Acrobat and Reader.
How do I fix CVE-2018-16013?
To fix CVE-2018-16013, users should update Adobe Acrobat and Reader to the latest version available.
What versions of Adobe Acrobat and Reader are affected by CVE-2018-16013?
CVE-2018-16013 affects Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2017.011.30106 and earlier, and 2015.006.30457 and earlier.
What kind of attack vector does CVE-2018-16013 present?
CVE-2018-16013 presents an attack vector that allows for out-of-bounds read vulnerabilities which can be exploited.
Is CVE-2018-16013 exploitable remotely?
Yes, CVE-2018-16013 is exploitable remotely when a user opens a specially crafted PDF file.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/remedy
agent/author
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe acrobat reader
version/adobe acrobat reader/15.006.30060
version/adobe acrobat reader/15.006.30457
version/adobe acrobat reader/15.008.20082
version/adobe acrobat reader/19.008.20081
version/adobe acrobat reader/17.011.30056
version/adobe acrobat reader/17.011.30106
canonical/adobe acrobat reader notification manager
version/adobe acrobat reader notification manager/15.006.30060
version/adobe acrobat reader notification manager/15.006.30457
version/adobe acrobat reader notification manager/15.008.20082
version/adobe acrobat reader notification manager/19.008.20081
version/adobe acrobat reader notification manager/17.011.30059
version/adobe acrobat reader notification manager/17.011.30106
vendor/microsoft
canonical/microsoft windows
version/adobe acrobat reader/15.006.30456
version/adobe acrobat reader/19.008.20080
version/adobe acrobat reader/17.011.30105
version/adobe acrobat reader notification manager/15.006.30456
version/adobe acrobat reader notification manager/19.008.20080
version/adobe acrobat reader notification manager/17.011.30105
vendor/apple
canonical/apple ios and macos

Frequently Asked Questions

What is the severity of CVE-2018-16013?
CVE-2018-16013 has been categorized as a critical severity vulnerability affecting Adobe Acrobat and Reader.
How do I fix CVE-2018-16013?
To fix CVE-2018-16013, users should update Adobe Acrobat and Reader to the latest version available.
What versions of Adobe Acrobat and Reader are affected by CVE-2018-16013?
CVE-2018-16013 affects Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2017.011.30106 and earlier, and 2015.006.30457 and earlier.
What kind of attack vector does CVE-2018-16013 present?
CVE-2018-16013 presents an attack vector that allows for out-of-bounds read vulnerabilities which can be exploited.
Is CVE-2018-16013 exploitable remotely?
Yes, CVE-2018-16013 is exploitable remotely when a user opens a specially crafted PDF file.

CVE-2018-16013

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-16013?

How do I fix CVE-2018-16013?

What versions of Adobe Acrobat and Reader are affected by CVE-2018-16013?

What kind of attack vector does CVE-2018-16013 present?

Is CVE-2018-16013 exploitable remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2018-16013?

How do I fix CVE-2018-16013?

What versions of Adobe Acrobat and Reader are affected by CVE-2018-16013?

What kind of attack vector does CVE-2018-16013 present?

Is CVE-2018-16013 exploitable remotely?