Multiple vulnerabilities in Adobe Reader and Acrobat

1) Memory corruption

EUVDB-ID: #VU7711

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3016

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory corruption

EUVDB-ID: #VU6227

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3038

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when handling malicious content. A remote unauthenticated attacker can create a specially crafted PDF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system with privileges of the current user.

Successful exploitation of this vulnerability may result in remote code execution.

The vulnerability was patched in https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Mitigation

Update Adobe Reader DC and Acrobat DC to version 2015.006.30352 or 2017.011.30059.
Update Adobe Reader and Acrobat to version 11.0.21.

Vulnerable software versions

Adobe Reader: 11.0.19 - 17.009.20044

Adobe Acrobat: 11.0.19 - 17.009.20044

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-11.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free error

EUVDB-ID: #VU7762

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3113

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU7826

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-3115

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory corruption

EUVDB-ID: #VU7763

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3116

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Heap-based buffer overflow

EUVDB-ID: #VU7764

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3117

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Security restrictions bypass

EUVDB-ID: #VU7825

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-3118

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to improper access controls. A remote attacker can send a specially crafted file, trick the victim into opening it, execute malicious attachments and gain access to arbitrary data.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory corruption

EUVDB-ID: #VU7765

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3119

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free error

EUVDB-ID: #VU7766

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3120

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the XFA parsing engine when handling certain types of internal instructions. A remote attacker can send a specially crafted content, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Heap-based buffer overflow

EUVDB-ID: #VU7767

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3121

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow when handling malicious content. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Memory corruption

EUVDB-ID: #VU7824

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-3122

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Memory corruption

EUVDB-ID: #VU7768

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3123

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data drawing position definitio. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Memory corruption

EUVDB-ID: #VU7769

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-3124

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the picture exchange (PCX) file format parsing module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Memory corruption

EUVDB-ID: #VU7823

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11209

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error when reading a JPEG file embedded within XML Paper Specification (XPS) file. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Memory corruption

EUVDB-ID: #VU7822

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11210

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Heap-based buffer overflow

EUVDB-ID: #VU7770

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11211

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in the JPEG parser. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Memory corruption

EUVDB-ID: #VU7771

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11212

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text output. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Memory corruption

EUVDB-ID: #VU7772

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11214

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to rendering a path. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Memory corruption

EUVDB-ID: #VU7773

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11216

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to bitmap transformations. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Memory corruption

EUVDB-ID: #VU7821

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11217

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free error

EUVDB-ID: #VU7774

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11218

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in XFA event management. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Use-after-free error

EUVDB-ID: #VU7775

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11219

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the XFA rendering engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Heap-based buffer overflow

EUVDB-ID: #VU7776

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11220

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in an internal data structure. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Type confusion error

EUVDB-ID: #VU7777

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11221

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion error in the annotation functionality. A remote attacker can send a specially crafted file, trick the victim into opening it and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Memory corruption

EUVDB-ID: #VU7778

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11222

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the Product Representation Compact (PRC) engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Use-after-free error

EUVDB-ID: #VU7779

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11223

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the core of the XFA engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Use-after-free error

EUVDB-ID: #VU7780

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11224

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the XFA layout engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Memory corruption

EUVDB-ID: #VU7781

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11226

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image processing engine when processing JPEG 2000 (JP2) code stream data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Memory corruption

EUVDB-ID: #VU7782

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11227

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Memory corruption

EUVDB-ID: #VU7783

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11228

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing JPEG 2000 (JP2) code stream data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Security restrictions bypass

EUVDB-ID: #VU7784

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11229

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to improper access controls when manipulating Forms Data Format (FDF). A remote attacker can send a specially crafted file, trick the victim into opening it, bypass security restrictions and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Memory corruption

EUVDB-ID: #VU7820

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11230

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the JPEG 2000 engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Use-after-free error

EUVDB-ID: #VU7785

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11231

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in Acrobat/Reader rendering engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free error

EUVDB-ID: #VU7819

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11232

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to use-after-free error when processing Enhanced Metafile Format (EMF) data related to brush manipulation. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Memory corruption

EUVDB-ID: #VU7818

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11233

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to block transfer of pixels. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Memory corruption

EUVDB-ID: #VU7786

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11234

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Use-after-free error

EUVDB-ID: #VU7787

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11235

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the image conversion engine when decompressing JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Memory corruption

EUVDB-ID: #VU7817

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11236

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the internal handling of UTF-16 literal strings. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Memory corruption

EUVDB-ID: #VU7788

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11237

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the font parsing module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Memory corruption

EUVDB-ID: #VU7816

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11238

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to curve drawing. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Memory corruption

EUVDB-ID: #VU7815

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11239

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Heap-based buffer overflow

EUVDB-ID: #VU7789

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11241

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to heap-based buffer overflow in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. A remote attacker can send a specially crafted .pdf file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Memory corruption

EUVDB-ID: #VU7814

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11242

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to line segments. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Memory corruption

EUVDB-ID: #VU7813

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11243

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the XSLT engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Memory corruption

EUVDB-ID: #VU7812

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11244

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transformation of blocks of pixels. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Memory corruption

EUVDB-ID: #VU7811

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11245

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Memory corruption

EUVDB-ID: #VU7810

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11246

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when parsing JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Memory corruption

EUVDB-ID: #VU7809

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11248

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to pixel block transfer. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Memory corruption

EUVDB-ID: #VU7808

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11249

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when parsing an invalid Enhanced Metafile Format (EMF) record. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Memory corruption

EUVDB-ID: #VU7790

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11251

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the JPEG 2000 parsing module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Memory corruption

EUVDB-ID: #VU7807

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11252

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the Adobe Graphics Manager (AGM) module. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Use-after-free error

EUVDB-ID: #VU7791

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11254

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error in the Acrobat/Reader's JavaScript engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Memory corruption

EUVDB-ID: #VU7806

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11255

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing TIFF color map data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Use-after-free error

EUVDB-ID: #VU7792

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11256

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to use-after-free error when generating content using XFA layout engine. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Type confusion error

EUVDB-ID: #VU7793

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11257

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to type confusion error in the XFA layout engine. A remote attacker can send a specially crafted file, trick the victim into opening it and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Memory corruption

EUVDB-ID: #VU7805

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11258

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Memory corruption

EUVDB-ID: #VU7794

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11259

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Memory corruption

EUVDB-ID: #VU7795

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11260

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Memory corruption

EUVDB-ID: #VU7796

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11261

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Memory corruption

EUVDB-ID: #VU7797

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11262

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Memory corruption

EUVDB-ID: #VU7798

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11263

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the internal data structure manipulation related to document encoding. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Memory corruption

EUVDB-ID: #VU7804

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-11265

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and read arbitrary files on the system.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Memory corruption

EUVDB-ID: #VU7799

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11267

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Memory corruption

EUVDB-ID: #VU7800

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11268

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Memory corruption

EUVDB-ID: #VU7801

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11269

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Memory corruption

EUVDB-ID: #VU7802

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11270

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Memory corruption

EUVDB-ID: #VU7803

Risk: High

CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-11271

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to boundary error in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. A remote attacker can send a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code with system privileges.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation

Update Acrobat DC and Acrobat Reader DC to version 2015.006.30352 or 2017.012.20093.
Update Acrobat 2017 and Acrobat Reader 2017 to version 2017.011.30059.
Update Acrobat XI and Reader XI to version 11.21.

Vulnerable software versions

Adobe Reader: 11.0.0 - 17.009.20058

Adobe Acrobat: 11.0.0 - 17.009.20058

CPE2.3

External links

https://helpx.adobe.com/security/products/acrobat/apsb17-24.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website or open a file.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Risk	High
Patch available	YES
Number of vulnerabilities	67
CVE-ID	CVE-2017-3016 CVE-2017-3038 CVE-2017-3113 CVE-2017-3115 CVE-2017-3116 CVE-2017-3117 CVE-2017-3118 CVE-2017-3119 CVE-2017-3120 CVE-2017-3121 CVE-2017-3122 CVE-2017-3123 CVE-2017-3124 CVE-2017-11209 CVE-2017-11210 CVE-2017-11211 CVE-2017-11212 CVE-2017-11214 CVE-2017-11216 CVE-2017-11217 CVE-2017-11218 CVE-2017-11219 CVE-2017-11220 CVE-2017-11221 CVE-2017-11222 CVE-2017-11223 CVE-2017-11224 CVE-2017-11226 CVE-2017-11227 CVE-2017-11228 CVE-2017-11229 CVE-2017-11230 CVE-2017-11231 CVE-2017-11232 CVE-2017-11233 CVE-2017-11234 CVE-2017-11235 CVE-2017-11236 CVE-2017-11237 CVE-2017-11238 CVE-2017-11239 CVE-2017-11241 CVE-2017-11242 CVE-2017-11243 CVE-2017-11244 CVE-2017-11245 CVE-2017-11246 CVE-2017-11248 CVE-2017-11249 CVE-2017-11251 CVE-2017-11252 CVE-2017-11254 CVE-2017-11255 CVE-2017-11256 CVE-2017-11257 CVE-2017-11258 CVE-2017-11259 CVE-2017-11260 CVE-2017-11261 CVE-2017-11262 CVE-2017-11263 CVE-2017-11265 CVE-2017-11267 CVE-2017-11268 CVE-2017-11269 CVE-2017-11270 CVE-2017-11271
CWE-ID	CWE-119 CWE-416 CWE-20 CWE-122 CWE-843 CWE-264
Exploitation vector	Network
Public exploit	N/A
Vulnerable software	Adobe Reader Client/Desktop applications / Office applications Adobe Acrobat Client/Desktop applications / Office applications Other
Vendor	Adobe