Multiple vulnerabilities in Adobe Reader and Acrobat
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 32 |
| CVE-ID | CVE-2017-2947 CVE-2017-2967 CVE-2017-2965 CVE-2017-2964 CVE-2017-2963 CVE-2017-2960 CVE-2017-2954 CVE-2017-2953 CVE-2017-2944 CVE-2017-2943 CVE-2017-2941 CVE-2017-2940 CVE-2017-2939 CVE-2017-2952 CVE-2017-2948 CVE-2017-2966 CVE-2017-2959 CVE-2017-2949 CVE-2017-2946 CVE-2017-2945 CVE-2017-2942 CVE-2017-2961 CVE-2017-2958 CVE-2017-2957 CVE-2017-2956 CVE-2017-2955 CVE-2017-2951 CVE-2017-2950 CVE-2017-2962 CVE-2017-2970 CVE-2017-2972 CVE-2017-2971 |
| CWE-ID | CWE-264 CWE-119 CWE-416 CWE-704 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Adobe Acrobat Client/Desktop applications / Office applications Adobe Reader Client/Desktop applications / Office applications |
| Vendor | Adobe |
Security Bulletin
This security bulletin contains information about 32 vulnerabilities.
1) Security bypass
EUVDB-ID: #VU4132
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2947
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to unspecified error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it and bypass certain security restrictions.
Successful exploitation of the vulnerability may lead to sensitive information disclosure.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory corruption
EUVDB-ID: #VU4131
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2967
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within XFA's template objects when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-031/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Memory corruption
EUVDB-ID: #VU4130
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2965
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within ImageConversion's TIFF parsing when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-010/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Memory corruption
EUVDB-ID: #VU4129
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2964
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within ImageConversion's JPEG parsing when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-014/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Memory corruption
EUVDB-ID: #VU4128
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2963
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within ImageConversion's TIFF parsing when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-027/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Memory corruption
EUVDB-ID: #VU4127
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2960
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within ImageConversion's JPEG parsing when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-024/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Memory corruption
EUVDB-ID: #VU4126
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2954
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Memory corruption
EUVDB-ID: #VU4125
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2953
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Memory corruption
EUVDB-ID: #VU4124
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2944
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Memory corruption
EUVDB-ID: #VU4123
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2943
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Memory corruption
EUVDB-ID: #VU4122
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2941
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing fonts embedded into PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-002/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Memory corruption
EUVDB-ID: #VU4121
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2940
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Memory corruption
EUVDB-ID: #VU4120
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2939
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-111/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Buffer overflow
EUVDB-ID: #VU4119
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2952
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Buffer overflow
EUVDB-ID: #VU4118
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2948
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Heap-based buffer overflow
EUVDB-ID: #VU4117
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2966
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within ImageConversion's TIFF parsing when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-030/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Heap-based buffer overflow
EUVDB-ID: #VU4116
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2959
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within ImageConversion's JPEG parsing when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-023/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Heap-based buffer overflow
EUVDB-ID: #VU4115
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2949
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within XSLT element-available method when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-005/
http://www.zerodayinitiative.com/advisories/ZDI-17-006/
http://www.zerodayinitiative.com/advisories/ZDI-17-007/
http://www.zerodayinitiative.com/advisories/ZDI-17-008/
http://www.zerodayinitiative.com/advisories/ZDI-17-009/
http://www.zerodayinitiative.com/advisories/ZDI-17-011/
http://www.zerodayinitiative.com/advisories/ZDI-17-012/
http://www.zerodayinitiative.com/advisories/ZDI-17-013/
http://www.zerodayinitiative.com/advisories/ZDI-17-015/
http://www.zerodayinitiative.com/advisories/ZDI-17-016/
http://www.zerodayinitiative.com/advisories/ZDI-17-017/
http://www.zerodayinitiative.com/advisories/ZDI-17-018/
http://www.zerodayinitiative.com/advisories/ZDI-17-019/
http://www.zerodayinitiative.com/advisories/ZDI-17-020/
http://www.zerodayinitiative.com/advisories/ZDI-17-028/
http://www.zerodayinitiative.com/advisories/ZDI-17-029/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Heap-based buffer overflow
EUVDB-ID: #VU4114
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2946
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing JPEG2000 images within PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-003/
http://www.zerodayinitiative.com/advisories/ZDI-17-004/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Heap-based buffer overflow
EUVDB-ID: #VU4113
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2945
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Heap-based buffer overflow
EUVDB-ID: #VU4112
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2942
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Use-after-free
EUVDB-ID: #VU4111
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2961
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error within XFA field font size parsing when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-025/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Use-after-free
EUVDB-ID: #VU4110
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2958
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Use-after-free
EUVDB-ID: #VU4109
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2957
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Use-after-free
EUVDB-ID: #VU4108
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2956
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Use-after-free
EUVDB-ID: #VU4107
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2955
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Use-after-free
EUVDB-ID: #VU4106
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2951
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error XFA's hyphenation objects when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-022/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Use-after-free
EUVDB-ID: #VU4105
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2950
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to use-after-free error XFA subform layout when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-021/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Type confusion vulnerability
EUVDB-ID: #VU4104
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2962
CWE-ID:
CWE-704 - Type conversion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to type confusion error in within XSLT's lang method when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-026/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Heap-based buffer overflow
EUVDB-ID: #VU5363
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2970
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within XSLT apply-templates when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
http://www.zerodayinitiative.com/advisories/ZDI-17-045/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Memory corruption
EUVDB-ID: #VU5364
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2972
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within JPEG image conversion module when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause memory corruption and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Heap-based buffer overflow
EUVDB-ID: #VU5365
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-2971
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to boundary error within JPEG decoder routine when processing PDF files. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, cause heap-based buffer overflow and execute arbitrary code on the target system with privileges of the current user.
Successful exploitation of the vulnerability will result in system compromise.
MitigationInstall the latest version of Adobe Reader and Acrobat:
- Acrobat DC Continuous 15.023.20053
- Acrobat Reader DC Continuous 15.023.20053
- Acrobat DC Classic 15.006.30279
- Acrobat Reader DC Classic 15.006.30279
- Acrobat XI 11.0.19
- Reader XI 11.0.19
Adobe Acrobat: 11.0.0 - 15.020.20042
Adobe Reader: 11.0.0 - 15.020.20042
External linkshttp://helpx.adobe.com/security/products/acrobat/apsb17-01.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
