CVE-2016-4216

CVE Database · CVE-2016-4216

CVE-2016-4216

· N/AModified

CVSS v3.1

N/A

EPSS

3.63%

Published

Jul 12, 2016

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Affected Products (1)

adobe · xmp_toolkitvulnerable

References (4)

http://www.securityfocus.com/bid/91717

https://helpx.adobe.com/security/products/xmpcore/apsb16-24.html

PatchVendor Advisory

http://www.securityfocus.com/bid/91717

https://helpx.adobe.com/security/products/xmpcore/apsb16-24.html

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs