CVE-2018-16042 — MEDIUM (6.5)

Q: How severe is CVE-2018-16042?

CVE-2018-16042 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-16042?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat Dc, Adobe Acrobat Reader Dc, Adobe Reader, Iskysoft Pdf Editor 6, Iskysoft Pdfelement6.

Vulnerability Description

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Adobe	Acrobat Dc	>= 15.006.30060, <= 15.006.30457
Adobe	Acrobat Reader Dc	>= 15.006.30060, <= 15.006.30457
Adobe	Reader	11.0.10
Iskysoft	Pdf Editor 6	6.4.2.3521
Iskysoft	Pdfelement6	6.8.0.3523
Microsoft	Windows	-
Apple	Mac Os X	-
Linux	Linux Kernel	-

Related Weaknesses (CWE)

CWE-347

References

http://www.securityfocus.com/bid/106159Third Party AdvisoryVDB Entry
https://helpx.adobe.com/security/products/acrobat/apsb18-41.htmlPatchVendor Advisory
https://pdf-insecurity.org/signature/evaluation_2018.htmlThird Party Advisory
https://pdf-insecurity.org/signature/signature.htmlThird Party Advisory
https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/Third Party Advisory
http://www.securityfocus.com/bid/106159Third Party AdvisoryVDB Entry
https://helpx.adobe.com/security/products/acrobat/apsb18-41.htmlPatchVendor Advisory
https://pdf-insecurity.org/signature/evaluation_2018.htmlThird Party Advisory
https://pdf-insecurity.org/signature/signature.htmlThird Party Advisory
https://www.pdfa.org/recently-identified-pdf-digital-signature-vulnerabilities/Third Party Advisory

FAQ

What is CVE-2018-16042?

CVE-2018-16042 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.3...

How severe is CVE-2018-16042?

CVE-2018-16042 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-16042?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat Dc, Adobe Acrobat Reader Dc, Adobe Reader, Iskysoft Pdf Editor 6, Iskysoft Pdfelement6.