CVE-2016-0940

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0941.

Published: Jan 14, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-0940
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
adobe / acrobat	-	11.0.13.x
adobe / acrobat	11.0.0	11.0.0.x
adobe / acrobat	11.0.1	11.0.1.x
adobe / acrobat	11.0.2	11.0.2.x
adobe / acrobat	11.0.3	11.0.3.x
adobe / acrobat	11.0.4	11.0.4.x
adobe / acrobat	11.0.5	11.0.5.x
adobe / acrobat	11.0.6	11.0.6.x
adobe / acrobat	11.0.7	11.0.7.x
adobe / acrobat	11.0.8	11.0.8.x
adobe / acrobat	11.0.9	11.0.9.x
adobe / acrobat	11.0.10	11.0.10.x
adobe / acrobat	11.0.11	11.0.11.x
adobe / acrobat	11.0.12	11.0.12.x
adobe / acrobat_dc	-	15.006.30097.x
adobe / acrobat_dc	-	15.009.20077.x
adobe / acrobat_reader_dc	-	15.006.30097.x
adobe / acrobat_reader_dc	-	15.009.20077.x
adobe / acrobat_reader	-	11.0.13.x
adobe / acrobat_reader	11.0.0	11.0.0.x
adobe / acrobat_reader	11.0.1	11.0.1.x
adobe / acrobat_reader	11.0.2	11.0.2.x
adobe / acrobat_reader	11.0.3	11.0.3.x
adobe / acrobat_reader	11.0.4	11.0.4.x
adobe / acrobat_reader	11.0.5	11.0.5.x
adobe / acrobat_reader	11.0.6	11.0.6.x
adobe / acrobat_reader	11.0.7	11.0.7.x
adobe / acrobat_reader	11.0.8	11.0.8.x
adobe / acrobat_reader	11.0.9	11.0.9.x
adobe / acrobat_reader	11.0.10	11.0.10.x
adobe / acrobat_reader	11.0.11	11.0.11.x
adobe / acrobat_reader	11.0.12	11.0.12.x

Vulnerability Database

289,697

CVE-2016-0940