Critical severity9.1NVD Advisory· Published Apr 12, 2016· Updated May 6, 2026

CVE-2016-1034

Description

The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to arbitrary files via unspecified vectors.

Affected products

Adobe Inc./Creative Cloud
cpe:2.3:a:adobe:creative_cloud:*:*:*:*:*:*:*:*
Range: <=3.5.1.209

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

helpx.adobe.com/security/products/creative-cloud/apsb16-11.htmlnvdVendor Advisory
www.zerodayinitiative.com/advisories/ZDI-16-235nvd

News mentions

No linked articles in our index yet.

cvss	0.591
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000