CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2017-11234 – Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-11234
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el motor de conversión de imagen cuando procesa datos TIFF relacionados con la manera en la que se almacenan los componentes de cada píxel. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/100179 http://www.securitytracker.com/id/1039098 https://helpx.adobe.com/security/products/acrobat/apsb17-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0CVE-2017-11265 – Adobe Acrobat Pro DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-11265
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el módulo Adobe Graphics Manager. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/100184 http://www.securitytracker.com/id/1039098 https://helpx.adobe.com/security/products/acrobat/apsb17-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2017-11211 – Adobe Acrobat Pro DC ImageConversion JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11211
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento basado en memoria dinámica en el parser JPEG. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/100180 http://www.securitytracker.com/id/1039098 http://www.zerodayinitiative.com/advisories/ZDI-17-579 https://helpx.adobe.com/security/products/acrobat/apsb17-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 10EXPL: 0CVE-2017-11241 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11241
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica en el motor de conversión de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con los polígonos. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/100180 http://www.securitytracker.com/id/1039098 https://helpx.adobe.com/security/products/acrobat/apsb17-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 4%CPEs: 8EXPL: 0CVE-2016-1111 – Adobe Reader DC Graphics State Dictionary Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-1111
Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary. Vulnerabilidad de liberación doble de memoria en Adobe Reader y Acrobat en versiones anteriores a 11.0.14, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30119 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15.010.20056 sobre Windows y OS X permite a atacantes ejecutar código arbitrario a través de un diccionario Graphics State manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Graphics State Dictionary parsing. A specially crafted Graphics State Dictionary inside a PDF document can trigger a double free condition. • http://www.zerodayinitiative.com/advisories/ZDI-16-273 https://helpx.adobe.com/security/products/acrobat/apsb16-02.html •