CVE-2017-11229 — Adobe Acrobat vulnerability

3 documents3 sources

Severity

8.8HIGHNVD

EPSS

5.8%

top 9.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Acrobat Adobe Acrobat DC Adobe Acrobat Reader +3 more

Timeline

PublishedAug 11

Latest updateMay 13

Description

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages6 packages

▶NVDadobe/acrobat_reader17.011.00000 — 17.011.30066

▶NVDadobe/acrobat_reader_dc15.006.30060 — 15.006.30306+1

▶CVEListV5adobe_systems_incorporated/acrobat_reader4 versions+3

▶NVDadobe/reader11.0.0 — 11.0.20

▶NVDadobe/acrobat11.0.0 — 11.0.20+1

Patches

Patch: helpx.adobe.com ↗Patch: helpx.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-2f54-q22v-4g5r: Adobe Acrobat Reader 2017↗2022-05-13

▶

CVEList

CVE-2017-11229: Adobe Acrobat Reader 2017↗2017-08-11

▶