CVE-2018-16042

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure.

Published: Jan 18, 2019
Updated: Nov 9, 2025
CVE: CVE-2018-16042
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CVSS v2:

Severity: Medium
Score: 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:N

CWEs:

CWE-347

Affected Software
References

Software	From	Fixed in
adobe / acrobat_dc	15.006.30060	15.006.30457.x
adobe / acrobat_dc	15.008.20082	19.008.20081.x
adobe / acrobat_dc	17.011.30056	17.011.30106.x
adobe / acrobat_reader_dc	15.006.30060	15.006.30457.x
adobe / acrobat_reader_dc	15.008.20082	19.008.20081.x
adobe / acrobat_reader_dc	17.011.30059	17.011.30106.x
adobe / reader	11.0.10	11.0.10.x
adobe / reader	11.0.23	11.0.23.x
iskysoft / pdf_editor_6	6.4.2.3521	6.4.2.3521.x
iskysoft / pdfelement6	6.8.0.3523	6.8.0.3523.x
iskysoft / pdfelement6	6.8.4.3921	6.8.4.3921.x
adobe / acrobat_dc	15.006.30060	15.006.30456.x
adobe / acrobat_dc	15.008.20082	19.008.20080.x
adobe / acrobat_dc	17.011.30056	17.011.30105.x
adobe / acrobat_reader_dc	15.006.30060	15.006.30456.x
adobe / acrobat_reader_dc	15.008.20082	19.008.20080.x
adobe / acrobat_reader_dc	17.011.30059	17.011.30105.x
iskysoft / pdf_editor_6	6.6.2.3315	6.6.2.3315.x
iskysoft / pdf_editor_6	6.7.6.3399	6.7.6.3399.x
iskysoft / pdfelement6	6.7.1.3355	6.7.1.3355.x
iskysoft / pdfelement6	6.7.6.3399	6.7.6.3399.x

Vulnerability Database

300,214

CVE-2018-16042

Deep Security Visibility Without the Complexity