CVE-2017-16400
published 2017-12-09CVE-2017-16400: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the JPEG 2000 parser. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | <= 11.0.22 | — |
| adobe | acrobat | 17.0 – 17.011.30066 | — |
| adobe | acrobat_dc | - – 17.012.20098 | — |
| adobe | acrobat_dc | 15.0 – 15.006.30355 | — |
| adobe | acrobat_reader | <= 11.0.22 | — |
| adobe | acrobat_reader | 17.0 – 17.011.30066 | — |
| adobe | acrobat_reader_dc | - – 17.012.20098 | — |
| adobe | acrobat_reader_dc | 15.0 – 15.006.30355 | — |
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-12-09
Published