CVE-2017-16391
published 2017-12-09CVE-2017-16391: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the calculation occurs in the printing functionality. The vulnerability leads to an operation that can write to a memory location that is outside of the memory addresses allocated for the data structure. The specific scenario leads to a write access to a memory location that does not belong to the relevant process address space.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | <= 11.0.22 | — |
| adobe | acrobat | 17.0 – 17.011.30066 | — |
| adobe | acrobat_dc | - – 17.012.20098 | — |
| adobe | acrobat_dc | 15.0 – 15.006.30355 | — |
| adobe | acrobat_reader | <= 11.0.22 | — |
| adobe | acrobat_reader | 17.0 – 17.011.30066 | — |
| adobe | acrobat_reader_dc | - – 17.012.20098 | — |
| adobe | acrobat_reader_dc | 15.0 – 15.006.30355 | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck8.8HIGH
GHSA
GHSA-p9jj-jrc5-wm74: An issue was discovered in Adobe Acrobat and Reader: 2017
ghsa_unreviewed·2022-05-17
CVE-2017-16391 [HIGH] CWE-129 GHSA-p9jj-jrc5-wm74: An issue was discovered in Adobe Acrobat and Reader: 2017
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the calculation occurs in the printing functionality. The vulnerability leads to an operation that can write to a memory location that is outside of the memory addresses allocated for the data structure. The specific scenario leads to a write access to a memory location that does not belong to the relevant process address space.
VulnCheck
Adobe Acrobat and Reader Improper Validation of Array Index
vulncheck·2017·CVSS 8.8
CVE-2017-16391 [HIGH] Adobe Acrobat and Reader Improper Validation of Array Index
Adobe Acrobat and Reader Improper Validation of Array Index
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the calculation occurs in the printing functionality. The vulnerability leads to an operation that can write to a memory location that is outside of the memory addresses allocated for the data structure. The specific scenario leads to a write access to a memory location that does not belong to the relevant process address space.
Affected: Adobe Acrobat and Reader
Required Action: Apply remediations or mitigations per vendor instructions or disc
No detection rules found.
No public exploits indexed.
2017-12-09
Published