High severity8.4NVD Advisory· Published Mar 9, 2016· Updated May 6, 2026

CVE-2016-1008

Description

Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected products

Adobe Inc./Acrobat
cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
Range: <=11.0.14
Adobe Inc./Acrobat Dc2 versions
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*range: <=15.006.30119
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*range: <=15.010.20059
Adobe Inc./Acrobat Reader
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
Range: <=11.0.14
Adobe Inc./Acrobat Reader Dc2 versions
cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30119:*:*:*:classic:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat_reader_dc:15.006.30119:*:*:*:classic:*:*:*
- cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*range: <=15.010.20059

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

helpx.adobe.com/security/products/acrobat/apsb16-09.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/84216nvd
www.securitytracker.com/id/1035199nvd
www.zerodayinitiative.com/advisories/ZDI-16-190nvd

News mentions

No linked articles in our index yet.

cvss	0.546
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000