Upstream information

CVE-2016-1008 at MITRE

Description

Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.15
Vector AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
CVSS v3 Scores
  National Vulnerability Database
Base Score 8.4
Vector AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Access Vector Local
Access Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Impact High
Integrity Impact High
Availability Impact High

This issue is currently rated as having important severity.

SUSE Bugzilla entries: 1013604 [RESOLVED / FIXED], 1014271 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.


List of planned updates

The following information is the current evaluation information for this security issue. It might neither be accurate nor complete, Use at own risk.
Product(s) Source package
  • SUSE Linux Enterprise Server for SAP 11 SP3
kernel-source