10
CVSSv2

CVE-2016-6957

Published: 13/10/2016 Updated: 30/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Adobe Reader and Acrobat prior to 11.0.18, Acrobat and Acrobat Reader DC Classic prior to 15.006.30243, and Acrobat and Acrobat Reader DC Continuous prior to 15.020.20039 on Windows and OS X allow malicious users to bypass JavaScript API execution restrictions via unspecified vectors.

Vulnerability Trend

Affected Products

Vendor Product Versions
AdobeAcrobat11.0.17
AdobeAcrobat Dc15.006.30201, 15.017.20053
AdobeAcrobat Reader Dc15.006.30201, 15.017.20053
AdobeReader11.0.17

Recent Articles

Adobe releases updates that resolve 84 Security Vulnerabilities
BleepingComputer • Lawrence Abrams • 11 Oct 2016

Today, Adobe released security updates for Adobe Flash Player, Adobe Acrobat and Reader, and Creative Cloud Desktop. When you combine the vulnerabilities patched for the three products, there are 84 exploits fixed, with many of them being labeled as Critical, because they allow code execution.
Code execution is when the vulnerability can be exploited to execute commands on the affected computer.  This allows attackers to create specially crafted code that can be inserted onto web si...