Summary
| Detail | |||
|---|---|---|---|
| Vendor | Adobe | First view | 2016-10-13 |
| Product | Reader | Last view | 2017-08-11 |
| Version | 11.0.17 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:adobe:reader | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.8 | 2017-08-11 | CVE-2017-3124 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-3123 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data drawing position definition. Successful exploitation could lead to arbitrary code execution. |
| 6.5 | 2017-08-11 | CVE-2017-3122 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to Bezier curves. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-3121 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-3120 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-3119 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead to arbitrary code execution. |
| 6.5 | 2017-08-11 | CVE-2017-3118 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments. |
| 8.8 | 2017-08-11 | CVE-2017-3117 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-3116 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful exploitation could lead to arbitrary code execution. |
| 6.5 | 2017-08-11 | CVE-2017-3115 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document. |
| 8.8 | 2017-08-11 | CVE-2017-3113 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in JavaScript engine when creating large strings. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-3016 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11271 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to transfer of pixel blocks. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11270 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data representing icons. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11269 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) image stream data. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11268 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private JPEG data. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11267 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as JPEG data. Successful exploitation could lead to arbitrary code execution. |
| 6.5 | 2017-08-11 | CVE-2017-11265 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11263 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal data structure manipulation related to document encoding. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11262 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11261 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11260 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data interpreted as a GIF image. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11259 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution. |
| 6.5 | 2017-08-11 | CVE-2017-11258 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded GIF image. Successful exploitation could lead to arbitrary code execution. |
| 8.8 | 2017-08-11 | CVE-2017-11257 | Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 66% (148) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 19% (44) | CWE-416 | Use After Free |
| 5% (12) | CWE-125 | Out-of-bounds Read |
| 1% (4) | CWE-200 | Information Exposure |
| 1% (3) | CWE-787 | Out-of-bounds Write |
| 1% (3) | CWE-704 | Incorrect Type Conversion or Cast |
| 0% (2) | CWE-427 | Uncontrolled Search Path Element |
| 0% (2) | CWE-190 | Integer Overflow or Wraparound |
| 0% (1) | CWE-284 | Access Control (Authorization) Issues |
| 0% (1) | CWE-254 | Security Features |
| 0% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 0% (1) | CWE-20 | Improper Input Validation |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50444 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50443 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50442 - Type : FILE-IMAGE - Revision : 2 |
| 2019-07-16 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 50441 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49125 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49124 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49123 - Type : FILE-IMAGE - Revision : 2 |
| 2019-03-12 | Adobe Acrobat TIFF heap buffer overflow attempt RuleID : 49122 - Type : FILE-IMAGE - Revision : 2 |
| 2017-12-13 | Adobe Acrobat Reader JPEG2000 codestream memory corruption attempt RuleID : 44794 - Type : FILE-PDF - Revision : 3 |
| 2017-12-13 | Adobe Acrobat Reader JPEG2000 codestream memory corruption attempt RuleID : 44793 - Type : FILE-PDF - Revision : 3 |
| 2017-11-14 | Adobe Acrobat Pro malformed EMF memory corruption attempt RuleID : 44551 - Type : FILE-IMAGE - Revision : 3 |
| 2017-11-14 | Adobe Acrobat Pro malformed EMF memory corruption attempt RuleID : 44550 - Type : FILE-IMAGE - Revision : 4 |
| 2017-10-03 | Adobe Acrobat Reader embedded JS array memory corruption attempt RuleID : 44209 - Type : FILE-PDF - Revision : 2 |
| 2017-10-03 | Adobe Acrobat Reader embedded JS array memory corruption attempt RuleID : 44208 - Type : FILE-PDF - Revision : 2 |
| 2017-10-03 | Adobe Acrobat Reader embedded JS array memory corruption attempt RuleID : 44207 - Type : FILE-PDF - Revision : 2 |
| 2017-10-03 | Adobe Acrobat Reader embedded JS array memory corruption attempt RuleID : 44206 - Type : FILE-PDF - Revision : 2 |
| 2017-09-28 | Adobe Professional JPEG ICC profile heap overflow attempt RuleID : 44170 - Type : FILE-PDF - Revision : 4 |
| 2017-09-28 | Adobe Professional JPEG ICC profile heap overflow attempt RuleID : 44169 - Type : FILE-PDF - Revision : 4 |
| 2017-09-26 | Adobe Reader XFA event use after free attempt RuleID : 44145 - Type : FILE-PDF - Revision : 3 |
| 2017-09-26 | Adobe Reader XFA event use after free attempt RuleID : 44144 - Type : FILE-PDF - Revision : 3 |
| 2017-09-26 | Adobe Acrobat Professional EMF JPEG APP13 malformed record memory corruption ... RuleID : 44122 - Type : FILE-OTHER - Revision : 5 |
| 2017-09-26 | Adobe Acrobat Professional EMF JPEG APP13 malformed record memory corruption ... RuleID : 44121 - Type : FILE-OTHER - Revision : 5 |
| 2017-09-26 | Adobe Acrobat Professional EMF JPEG APP13 malformed record crash attempt RuleID : 44120 - Type : FILE-OTHER - Revision : 3 |
| 2017-09-26 | Adobe Acrobat Professional EMF JPEG APP13 malformed record crash attempt RuleID : 44119 - Type : FILE-OTHER - Revision : 3 |
| 2017-09-26 | Adobe Professional EMF file TIFF image size memory corruption attempt RuleID : 44115 - Type : FILE-OTHER - Revision : 4 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-08-11 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-08-11 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-08-11 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-08-11 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb17-24.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Acrobat installed on the remote host is affected by mult... File: macosx_adobe_acrobat_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-04-14 | Name: The version of Adobe Reader installed on the remote host is affected by multi... File: macosx_adobe_reader_apsb17-11.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Acrobat installed on the remote macOS or Mac OS X host i... File: macosx_adobe_acrobat_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2017-01-12 | Name: The version of Adobe Reader installed on the remote macOS or Mac OS X host is... File: macosx_adobe_reader_apsb17-01.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Acrobat installed on the remote Windows host is affected... File: adobe_acrobat_apsb16-33.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Reader installed on the remote Windows host is affected ... File: adobe_reader_apsb16-33.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Acrobat installed on the remote macOS or Mac OS X host i... File: macosx_adobe_acrobat_apsb16-33.nasl - Type: ACT_GATHER_INFO |
| 2016-10-14 | Name: The version of Adobe Reader installed on the remote macOS or Mac OS X host is... File: macosx_adobe_reader_apsb16-33.nasl - Type: ACT_GATHER_INFO |
