Adobe Acrobat Reader vulnerabilities
1,107 known vulnerabilities affecting adobe/acrobat_reader.
Total CVEs
1,107
CISA KEV
21
actively exploited
Public exploits
43
Exploited in wild
25
Severity breakdown
CRITICAL352HIGH412MEDIUM316LOW27
Vulnerabilities
Page 30 of 56
CVE-2017-11255MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11255 [MEDIUM] CWE-119 CVE-2017-11255: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF color map data. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2017-11236MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11236 [MEDIUM] CWE-119 CVE-2017-11236: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal handling of UTF-16 literal strings. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2017-11217MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11217 [MEDIUM] CWE-119 CVE-2017-11217: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitr
nvd
CVE-2017-11258MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11258 [MEDIUM] CWE-119 CVE-2017-11258: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. Successful exploitation could lead to arbitrary code
nvd
CVE-2017-11244MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11244 [MEDIUM] CWE-119 CVE-2017-11244: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. Successful exploitation could lead to arb
nvd
CVE-2017-11249MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11249 [MEDIUM] CWE-119 CVE-2017-11249: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2017-11232MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11232 [MEDIUM] CWE-200 CVE-2017-11232: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when processing Enhanced Metafile Format (EMF) data related to brush manipulation. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2017-11239MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11239 [MEDIUM] CWE-119 CVE-2017-11239: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2017-11265MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11265 [MEDIUM] CWE-119 CVE-2017-11265: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2017-11238MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11238 [MEDIUM] CWE-119 CVE-2017-11238: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. Successful exploitation could lead to arbitrary code execution
nvd
CVE-2017-11210MEDIUMCVSS 6.5≥ 17.011.00000, ≤ 17.011.300662017-08-11
CVE-2017-11210 [MEDIUM] CWE-119 CVE-2017-11210: Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earl
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. Successful exploitation could lead to arbitrary code execution.
nvd
CVE-2016-1111HIGHCVSS 8.8≤ 9.02016-04-30
CVE-2016-1111 [HIGH] CVE-2016-1111: Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC
Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary.
nvd
CVE-2016-1007CRITICALCVSS 9.8≤ 11.0.142016-03-09
CVE-2016-1007 [CRITICAL] CWE-119 CVE-2016-1007: Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121,
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1009.
nvd
CVE-2016-1009CRITICALCVSS 9.8≤ 11.0.142016-03-09
CVE-2016-1009 [CRITICAL] CVE-2016-1009: Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121,
Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1007.
nvd
CVE-2016-1008HIGHCVSS 8.4≤ 11.0.142016-03-09
CVE-2016-1008 [HIGH] CWE-20 CVE-2016-1008: Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat
Untrusted search path vulnerability in Adobe Reader and Acrobat before 11.0.15, Acrobat and Acrobat Reader DC Classic before 15.006.30121, and Acrobat and Acrobat Reader DC Continuous before 15.010.20060 on Windows and OS X allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
nvd
CVE-2016-0945CRITICALCVSS 9.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0945 [CRITICAL] CVE-2016-0945: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933
nvd
CVE-2016-0933CRITICALCVSS 9.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0933 [CRITICAL] CVE-2016-0933: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936
nvd
CVE-2016-0946CRITICALCVSS 9.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0946 [CRITICAL] CVE-2016-0946: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933
nvd
CVE-2016-0944CRITICALCVSS 9.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0944 [CRITICAL] CVE-2016-0944: Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119,
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933
nvd
CVE-2016-0940CRITICALCVSS 9.8≤ 11.0.13v11.0.0+12 more2016-01-14
CVE-2016-0940 [CRITICAL] CVE-2016-0940: Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937,
nvd