Vulnerabilities > CVE-2016-6980 - Use After Free vulnerability in Adobe Digital Editions

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

adobe

CWE-416

critical

NVD

Published: 2016-09-26

Updated: 2017-08-13

Summary

Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4263.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Digital Editions - Adobe Digital Editions 2.0.0 Adobe Digital Editions 2.0.1 Adobe Digital Editions 4.0.0 Adobe Digital Editions 4.0.1 Adobe Digital Editions 4.0.2 Adobe Digital Editions 4.0.3 Adobe Digital Editions 4.5.0 Adobe Digital Editions 4.5.1	9

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html
http://www.securityfocus.com/bid/93179
http://www.securitytracker.com/id/1036793