Published: 09/12/2017 Updated: 15/12/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

An issue exists in Adobe Acrobat and Reader: 2017.012.20098 and previous versions versions, 2017.011.30066 and previous versions versions, 2015.006.30355 and previous versions versions, and 11.0.22 and previous versions versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string manipulation module. It is triggered by an invalid PDF file, where a crafted Unicode string causes an out of bounds memory access of a stack allocated buffer, due to improper checks when manipulating an offset of a pointer to the buffer. Attackers can exploit the vulnerability and achieve arbitrary code execution if they can effectively control the accessible memory.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe acrobat reader dc

adobe acrobat dc

adobe acrobat

adobe acrobat reader