CVE-2017-16393
Published 2017-12-09
High, 8.8 (CVSS 3.0)
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript engine. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | <= 11.0.22 | — |
| adobe | acrobat | 17.0 – 17.011.30066 | — |
| adobe | acrobat_dc | - – 17.012.20098 | — |
| adobe | acrobat_dc | 15.0 – 15.006.30355 | — |
| adobe | acrobat_reader | <= 11.0.22 | — |
| adobe | acrobat_reader | 17.0 – 17.011.30066 | — |
| adobe | acrobat_reader_dc | - – 17.012.20098 | — |
| adobe | acrobat_reader_dc | 15.0 – 15.006.30355 | — |
Suricata
ET WEB_CLIENT Adobe Acrobat PDF Reader use after free JavaScript engine (CVE-2017-16393)
suricata·2017-11-14·CVSS 8.8
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Adobe Acrobat PDF Reader use after free JavaScript engine (CVE-2017-16393)"; flow:established,to_client; flowbits:isset,ET.pdf.in.http; file.data; content:"this.addAnnot"; nocase; content:"this.addField"; nocase; content:".popupRect"; nocase; content:".setAction("; nocase; content:"OnFocus"; nocase; content:"setFocus"; nocase; pcre:"/\s+?(?P<var1>[^\s\x3d]+?)\s*?=\s*?this\.addAnnot.+?(?P=var1)\s*\x2epopupRect\s*?=\s*?0x4000/si"; pcre:"/\s+?(?P<var2>[^\s\x3d]+?)\s*?=\s*?this\.addField.+?(?P=var2)\s*\x2e\s*setAction\s*?\x28\s*?[\x22\x27]\s*?OnFocus[^\x29]+popupOpen\s*?=\s*?true/si"; reference:cve,2017-16393; classtype:attempted-user; sid:202509
No public exploits indexed.
Unit42
Palo Alto Networks Unit 42 Vulnerability Research November 2017 Disclosures - Adobe
blogs_unit42·2017-12-06·CVSS 8.8
As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have discovered seven vulnerabilities addressed by the Adobe Product Security Incident Response Team (PSIRT) as part of their November 2017 security update release.
| CVE | Vulnerability Name | Affected Products | Maximum Severity Rating | Impact | Researcher(s) |
|---|---|---|---|---|---|
| CVE-2017-16388 | Use after free | Adobe Acrobat | Critical | Remote Code Execution | Gal De Leon |
| CVE-2017-16389 | Use after free | Adobe Acrobat | Critical | Remote Code Execution | Gal De Leon |
| CVE-2017-16390 | Use after free | Adobe Acrobat | Critical | Remote Code Execution | Gal De Leon |
| CVE-2017-16393 | Use after free | Adobe Acrobat | Critical | Remote Code Execution | Gal De Leon |
| CVE-2017-16398 | Use after free | Adobe Acrobat | Critical | Remote Code Execution | Gal De Leo |
Zscaler
Zscaler protects against 40 new vulnerabilities for Adobe Fl
blogs_zscaler
Published: 2017-12-09