CVE-2017-3091

CWE-119Buffer Overflow4 documents4 sources
Severity
7.5HIGH
EPSS
5.3%
top 9.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe Digital EditionsAdobe Systems Incorporated Digital Editions
Timeline
PublishedAug 11
Latest updateMay 17

Description

Adobe Digital Editions 4.5.4 and earlier versions 4.5.4 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5adobe_systems_incorporated/digital_editions4.5.4 and earlier.

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-jp78-47wf-579v: Adobe Digital Editions 42022-05-17
CVEList
CVE-2017-3091: Adobe Digital Editions 42017-08-11

💬Community

1
Bugzilla
CVE-2017-11576 fontforge: Does not ensure a positive size in a weight vector memcpy call in readcfftopdict function2017-07-26
CVE-2017-3091 (HIGH CVSS 7.5) | Adobe Digital Editions 4.5.4 and ea | cvebase.io