CVE-2017-3095

CWE-119Buffer Overflow3 documents3 sources
Severity
9.8CRITICAL
EPSS
2.8%
top 13.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Adobe Digital Editions
Timeline
PublishedJun 20
Latest updateMay 17

Description

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing engine. Successful exploitation could lead to arbitrary code execution.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5adobe_digital_editions_4.5.4_and_earlier.Adobe Digital Editions 4.5.4 and earlier.

🔴Vulnerability Details

2
GHSA
GHSA-cxw6-rf59-r25r: Adobe Digital Editions versions 42022-05-17
CVEList
CVE-2017-3095: Adobe Digital Editions versions 42017-06-20
CVE-2017-3095 (CRITICAL CVSS 9.8) | Adobe Digital Editions versions 4.5 | cvebase.io