Adobe Acrobat Reader vulnerabilities

CVE-2017-16362 [HIGH] CWE-125 CVE-2017-16362: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of an out of bounds read vulnerability in the MakeAccesible plugin, when handling font data. It causes an out of bounds m

CVE-2017-16380 [HIGH] CVE-2017-16380: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a security bypass vulnerability for a certain file-type extension. Acrobat maintains both a blacklist and whitelist (the user

CVE-2017-16364 [HIGH] CWE-119 CVE-2017-16364: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference when handling number format dictionary entries. In this scenario, the input is crafted in way that th

CVE-2017-16388 [HIGH] CWE-416 CVE-2017-16388: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API engine. The mismatch between an old and a new object can provide

CVE-2017-16401 [HIGH] CWE-125 CVE-2017-16401: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of an image conve

CVE-2017-16411 [HIGH] CWE-119 CVE-2017-16411: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the WebCapture

CVE-2017-16373 [HIGH] CWE-119 CVE-2017-16373: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference. In this scenario, the input is crafted in way that the computation results in pointers to memory loc

CVE-2017-16420 [HIGH] CWE-125 CVE-2017-16420: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is in the part of the Jav

CVE-2017-16391 [HIGH] CWE-129 CVE-2017-16391: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the calculation occurs in the printing functionality. The vulner

CVE-2017-16394 [HIGH] CWE-125 CVE-2017-16394: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the WebCaptu

CVE-2017-16418 [HIGH] CWE-125 CVE-2017-16418: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the image co

CVE-2017-16412 [HIGH] CWE-125 CVE-2017-16412: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs because of a computation that reads data that is past the end of the target buffer; the computation is part of the XPS conversion

CVE-2017-16363 [HIGH] CWE-125 CVE-2017-16363: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the module that handles character codes for certain textual representations. Invalid input leads to a

CVE-2017-16392 [HIGH] CWE-119 CVE-2017-16392: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value in the JPEG processing module. Crafted input with an unexpected JPEG file seg

CVE-2017-16419 [MEDIUM] CWE-674 CVE-2017-16419: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The issue is a stack exhaustion problem within the JavaScript API, where the computation does not correctly control the amount of recursion that can happ

CVE-2017-16361 [MEDIUM] CVE-2017-16361: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a security bypass vulnerability when handling XFDF files.

CVE-2017-16369 [MEDIUM] CWE-200 CVE-2017-16369: An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.3 An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a Same Origin Policy security bypass vulnerability, affecting files on the local system, etc.

CVE-2017-11260 [HIGH] CWE-119 CVE-2017-11260: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code e

CVE-2017-11224 [HIGH] CWE-416 CVE-2017-11224: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution.

CVE-2017-11228 [HIGH] CWE-119 CVE-2017-11228: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution.