Vulnerabilities > CVE-2016-6980 - Use After Free vulnerability in Adobe Digital Editions

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

adobe

CWE-416

critical

NVD

Published: 2016-09-26

Updated: 2017-08-13

Summary

Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4263.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Digital Editions - Adobe Digital Editions 2.0.0 Adobe Digital Editions 2.0.1 Adobe Digital Editions 4.0.0 Adobe Digital Editions 4.0.1 Adobe Digital Editions 4.0.2 Adobe Digital Editions 4.0.3 Adobe Digital Editions 4.5.0 Adobe Digital Editions 4.5.1	9

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

http://www.securityfocus.com/bid/93179
http://www.securitytracker.com/id/1036793
https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html