CVE-2017-11293Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
10.8%
top 6.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Adobe AcrobatAdobe Acrobat DCAdobe Acrobat Reader+1 more
Timeline
PublishedDec 9
Latest updateMay 14

Description

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

NVDadobe/acrobat_reader17.017.011.30066+1
NVDadobe/acrobat_reader_dc-17.012.20098+1
NVDadobe/acrobat17.017.011.30066+1
NVDadobe/acrobat_dc-17.012.20098+1

🔴Vulnerability Details

2
GHSA
GHSA-55hf-8j8j-hw2w: An issue was discovered in Adobe Acrobat and Reader: 20172022-05-14
CVEList
CVE-2017-11293: An issue was discovered in Adobe Acrobat and Reader: 20172017-12-09
CVE-2017-11293 — Adobe Acrobat vulnerability | cvebase