CVE-2017-3089Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Digital Editions

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
2.6%
top 14.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Digital Editions
Timeline
PublishedJun 20
Latest updateMay 17

Description

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-5749-xwq9-5f2j: Adobe Digital Editions versions 42022-05-17
CVEList
CVE-2017-3089: Adobe Digital Editions versions 42017-06-20

💬Community

1
Bugzilla
CVE-2017-11568 fontforge: Heap-buffer over-read in PSCharStringToSplines function2017-07-26
CVE-2017-3089 — Adobe Digital Editions vulnerability | cvebase