Published: 16/09/2016 Updated: 13/08/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Adobe Digital Editions prior to 4.5.2 allows malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, and CVE-2016-4261.

Affected Products

Vendor Product Versions
AdobeDigital Editions4.5.1

Recent Articles

Adobe releases updates that resolve 35 Security Vulnerabilities
BleepingComputer • Lawrence Abrams • 14 Sep 2016

Yesterday, Adobe released updates for Adobe Flash, Adobe Digital Editions, and Adobe AIR SDK & Compiler.  When you combine the vulnerabilities patched for the three products, there are 35 exploits fixed, with many of them allowing code execution.
Code execution is when the vulnerability can be exploited to execute commands on the affected computer.  This allows attackers to create specially crafted code that can be inserted onto web sites, which cause a vulnerable visitor to downl...