CVE-2018-16033
First published: Fri Jan 18 2019(Updated: )
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader DC | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader DC | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader DC | >=17.011.30056<=17.011.30106 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30457 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20081 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30106 | |
| Microsoft Windows Operating System | ||
| Adobe Acrobat Reader DC | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader DC | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat Reader DC | >=17.011.30056<=17.011.30105 | |
| Adobe Acrobat Reader | >=15.006.30060<=15.006.30456 | |
| Adobe Acrobat Reader | >=15.008.20082<=19.008.20080 | |
| Adobe Acrobat Reader | >=17.011.30059<=17.011.30105 | |
| Apple iOS and macOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-16033?
CVE-2018-16033 has been classified as high severity due to its potential impact on user data integrity.
How do I fix CVE-2018-16033?
To fix CVE-2018-16033, update Adobe Acrobat and Reader to the latest versions released after the vulnerability was identified.
Which versions of Adobe Acrobat and Reader are affected by CVE-2018-16033?
Affected versions include Adobe Acrobat and Reader prior to 2019.008.20081, 2019.008.20080, 2017.011.30106, and 2015.006.30457.
What type of vulnerability is CVE-2018-16033?
CVE-2018-16033 is an out-of-bounds read vulnerability that can be exploited to access unauthorized memory.
Can CVE-2018-16033 affect users on macOS?
CVE-2018-16033 can affect users running vulnerable versions of Adobe Acrobat and Reader on macOS as well.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/remedy
- agent/author
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat reader dc
- version/adobe acrobat reader dc/15.006.30060
- version/adobe acrobat reader dc/15.006.30457
- version/adobe acrobat reader dc/15.008.20082
- version/adobe acrobat reader dc/19.008.20081
- version/adobe acrobat reader dc/17.011.30056
- version/adobe acrobat reader dc/17.011.30106
- canonical/adobe acrobat reader
- version/adobe acrobat reader/15.006.30060
- version/adobe acrobat reader/15.006.30457
- version/adobe acrobat reader/15.008.20082
- version/adobe acrobat reader/19.008.20081
- version/adobe acrobat reader/17.011.30059
- version/adobe acrobat reader/17.011.30106
- vendor/microsoft
- canonical/microsoft windows operating system
- version/adobe acrobat reader dc/15.006.30456
- version/adobe acrobat reader dc/19.008.20080
- version/adobe acrobat reader dc/17.011.30105
- version/adobe acrobat reader/15.006.30456
- version/adobe acrobat reader/19.008.20080
- version/adobe acrobat reader/17.011.30105
- vendor/apple
- canonical/apple ios and macos