8.8
CVSSv3

CVE-2017-16365

Published: 09/12/2017 Updated: 03/10/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

An issue exists in Adobe Acrobat and Reader: 2017.012.20098 and previous versions versions, 2017.011.30066 and previous versions versions, 2015.006.30355 and previous versions versions, and 11.0.22 and previous versions versions. The vulnerability is caused by a buffer over-read in the True Type2 Font parsing module. A corrupted cmap table input leads to a computation where the pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information, such as object heap addresses, etc.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe acrobat reader dc

adobe acrobat dc

adobe acrobat

adobe acrobat reader