Multiple vulnerabilities in Adobe Reader and Acrobat



Updated: 2017-08-14
Risk: High
Patch available: YES
Number of vulnerabilities: 67
CVE-ID: CVE-2017-3016, CVE-2017-3038, CVE-2017-3113, CVE-2017-3115, CVE-2017-3116, CVE-2017-3117,
CVE-2017-3118, CVE-2017-3119, CVE-2017-3120, CVE-2017-3121, CVE-2017-3122, CVE-2017-3123,
CVE-2017-3124, CVE-2017-11209, CVE-2017-11210, CVE-2017-11211, CVE-2017-11212, CVE-2017-11214,
CVE-2017-11216, CVE-2017-11217, CVE-2017-11218, CVE-2017-11219, CVE-2017-11220, CVE-2017-11221,
CVE-2017-11222, CVE-2017-11223, CVE-2017-11224, CVE-2017-11226, CVE-2017-11227, CVE-2017-11228,
CVE-2017-11229, CVE-2017-11230, CVE-2017-11231, CVE-2017-11232, CVE-2017-11233, CVE-2017-11234,
CVE-2017-11235, CVE-2017-11236, CVE-2017-11237, CVE-2017-11238, CVE-2017-11239, CVE-2017-11241,
CVE-2017-11242, CVE-2017-11243, CVE-2017-11244, CVE-2017-11245, CVE-2017-11246, CVE-2017-11248,
CVE-2017-11249, CVE-2017-11251, CVE-2017-11252, CVE-2017-11254, CVE-2017-11255, CVE-2017-11256,
CVE-2017-11257, CVE-2017-11258, CVE-2017-11259, CVE-2017-11260, CVE-2017-11261, CVE-2017-11262,
CVE-2017-11263, CVE-2017-11265, CVE-2017-11267, CVE-2017-11268, CVE-2017-11269, CVE-2017-11270,
CVE-2017-11271
CWE-ID: CWE-119, CWE-416, CWE-20, CWE-122, CWE-843, CWE-264
Exploitation vector: Network
Public exploit: N/A
Vulnerable software:
Adobe Reader (Client/Desktop applications / Office applications)
Adobe Acrobat (Client/Desktop applications / Office applications)

Vendor: Adobe

Security Bulletin

This security bulletin contains information about 67 vulnerabilities.

1) Memory corruption

EUVDB-ID: #VU7711

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3016

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory corruption

EUVDB-ID: #VU6227

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3038

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling malicious content. A remote unauthenticated attacker can create a specially crafted PDF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with the privileges of the current user.

Successful exploitation of this vulnerability may result in remote code execution.

The vulnerability was patched in https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Mitigation

Update Adobe Reader DC and Acrobat DC to version 2015.006.30352 or 2017.011.30059.
Update Adobe Reader and Acrobat to version 11.0.21.

Vulnerable software versions

Adobe Reader: 11.0.19 - 17.009.20044

Adobe Acrobat: 11.0.19 - 17.009.20044

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-11.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free error

EUVDB-ID: #VU7762

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3113

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU7826

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-3115

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory corruption

EUVDB-ID: #VU7763

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3116

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Heap-based buffer overflow

EUVDB-ID: #VU7764

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3117

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a heap-based buffer overflow when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Security restrictions bypass

EUVDB-ID: #VU7825

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-3118

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to improper access controls. A remote attacker can send a specially crafted file, trick the victim into opening it, execute malicious attachments and gain access to arbitrary data.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory corruption

EUVDB-ID: #VU7765

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3119

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free error

EUVDB-ID: #VU7766

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3120

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in the XFA parsing engine when handling certain types of internal instructions. A remote attacker can send specially crafted content, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Heap-based buffer overflow

EUVDB-ID: #VU7767

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3121

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a heap-based buffer overflow when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Memory corruption

EUVDB-ID: #VU7824

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-3122

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory corruption

EUVDB-ID: #VU7768

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3123

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) drawing position definition data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Memory corruption

EUVDB-ID: #VU7769

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3124

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the picture exchange (PCX) file format parsing module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Memory corruption

EUVDB-ID: #VU7823

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11209

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error when reading a JPEG file embedded within an XML Paper Specification (XPS) file. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Memory corruption

EUVDB-ID: #VU7822

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11210

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error when parsing a font embedded in an XML Paper Specification (XPS) file. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Heap-based buffer overflow

EUVDB-ID: #VU7770

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11211

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a heap-based buffer overflow in the JPEG parser. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Memory corruption

EUVDB-ID: #VU7771

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11212

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory corruption

EUVDB-ID: #VU7772

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11214

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory corruption

EUVDB-ID: #VU7773

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11216

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Memory corruption

EUVDB-ID: #VU7821

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11217

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free error

EUVDB-ID: #VU7774

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11218

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in XFA event management. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free error

EUVDB-ID: #VU7775

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11219

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in the XFA rendering engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Heap-based buffer overflow

EUVDB-ID: #VU7776

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11220

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a heap-based buffer overflow in an internal data structure. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Type confusion error

EUVDB-ID: #VU7777

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11221

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a type confusion error in the annotation functionality. A remote attacker can send a specially crafted file, trick the victim into opening it and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Memory corruption

EUVDB-ID: #VU7778

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11222

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the Product Representation Compact (PRC) engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free error

EUVDB-ID: #VU7779

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11223

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in the core of the XFA engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free error

EUVDB-ID: #VU7780

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11224

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in the XFA layout engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Memory corruption

EUVDB-ID: #VU7781

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11226

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image processing engine when processing JPEG 2000 (JP2) code stream data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Memory corruption

EUVDB-ID: #VU7782

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11227

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Memory corruption

EUVDB-ID: #VU7783

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11228

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing JPEG 2000 (JP2) code stream data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Security restrictions bypass

EUVDB-ID: #VU7784

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11229

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper access controls when manipulating Forms Data Format (FDF). A remote attacker can send a specially crafted file, trick the victim into opening it, bypass security restrictions and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Memory corruption

EUVDB-ID: #VU7820

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11230

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the JPEG 2000 engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Use-after-free error

EUVDB-ID: #VU7785

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11231

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in the Acrobat/Reader rendering engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free error

EUVDB-ID: #VU7819

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11232

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a use-after-free error when processing Enhanced Metafile Format (EMF) data related to brush manipulation. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Memory corruption

EUVDB-ID: #VU7818

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11233

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Memory corruption

EUVDB-ID: #VU7786

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11234

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing TIFF data related to how the components of each pixel are stored. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free error

EUVDB-ID: #VU7787

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11235

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in the image conversion engine when decompressing JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Memory corruption

EUVDB-ID: #VU7817

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11236

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the internal handling of UTF-16 literal strings. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Memory corruption

EUVDB-ID: #VU7788

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11237

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the font parsing module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Memory corruption

EUVDB-ID: #VU7816

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11238

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Memory corruption

EUVDB-ID: #VU7815

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11239

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Heap-based buffer overflow

EUVDB-ID: #VU7789

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11241

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a heap-based buffer overflow in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Memory corruption

EUVDB-ID: #VU7814

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11242

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to line segments. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory corruption

EUVDB-ID: #VU7813

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11243

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the XSLT engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Memory corruption

EUVDB-ID: #VU7812

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11244

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Memory corruption

EUVDB-ID: #VU7811

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11245

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Memory corruption

EUVDB-ID: #VU7810

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11246

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when parsing JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Memory corruption

EUVDB-ID: #VU7809

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11248

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to pixel block transfer. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Memory corruption

EUVDB-ID: #VU7808

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11249

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Memory corruption

EUVDB-ID: #VU7790

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11251

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the JPEG 2000 parsing module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Memory corruption

EUVDB-ID: #VU7807

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11252

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the Adobe Graphics Manager (AGM) module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Use-after-free error

EUVDB-ID: #VU7791

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11254

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error in the Acrobat/Reader JavaScript engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Memory corruption

EUVDB-ID: #VU7806

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11255

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing TIFF color map data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Use-after-free error

EUVDB-ID: #VU7792

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11256

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a use-after-free error when generating content using the XFA layout engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Type confusion error

EUVDB-ID: #VU7793

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11257

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a type confusion error in the XFA layout engine. A remote attacker can send a specially crafted file, trick the victim into opening it and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Memory corruption

EUVDB-ID: #VU7805

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11258

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Memory corruption

EUVDB-ID: #VU7794

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11259

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Memory corruption

EUVDB-ID: #VU7795

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11260

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Memory corruption

EUVDB-ID: #VU7796

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11261

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Memory corruption

EUVDB-ID: #VU7797

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11262

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing an ASCII text string. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Memory corruption

EUVDB-ID: #VU7798

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11263

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the internal data structure manipulation related to document encoding. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Memory corruption

EUVDB-ID: #VU7804

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11265

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3 External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Memory corruption

EUVDB-ID: #VU7799

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11267

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Memory corruption

EUVDB-ID: #VU7800

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11268

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Memory corruption

EUVDB-ID: #VU7801

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11269

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Memory corruption

EUVDB-ID: #VU7802

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11270

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Memory corruption

EUVDB-ID: #VU7803

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11271

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to a boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How can the attacker exploit this vulnerability?

The attacker would have to trick the victim into visiting a specially crafted website or opening a file.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


