CVSS: 9.3EPSS: 7%CPEs: 8EXPL: 0CVE-2017-16406 – Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16406
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion vulnerability in the EMF processing module. The issue causes the program to access an object using an incompatible type, leading to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, ... • http://www.securityfocus.com/bid/101815 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2017-16412
https://notcve.org/view.php?id=CVE-2017-16412
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs because of a computation that reads data that is past the end of the target buffer; the computation is part of the XPS conversion module, when handling a JPEG resource. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerab... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 2%CPEs: 8EXPL: 0CVE-2017-16413
https://notcve.org/view.php?id=CVE-2017-16413
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of the XPS to PDF conversion module, when processing TIFF files. The vulnerability is a result of an out of range pointer offset that is used to access sub-elements of an internal data struct... • http://www.securityfocus.com/bid/101812 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2017-16420
https://notcve.org/view.php?id=CVE-2017-16420
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is in the part of the JavaScript engine that handles annotation abstraction. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes ... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2017-16394
https://notcve.org/view.php?id=CVE-2017-16394
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the WebCapture module. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack ca... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2017-16405
https://notcve.org/view.php?id=CVE-2017-16405
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of Acrobat's page display functionality. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A success... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 1%CPEs: 8EXPL: 0CVE-2017-16368 – Adobe Acrobat Pro DC PDF Forms Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16368
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string manipulation module. It is triggered by an invalid PDF file, where a crafted Unicode string causes an out of bounds memory access of a stack allocated buffer, due to improper checks when manipulating an offset of a ... • http://www.securityfocus.com/bid/101816 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-16369 – Adobe Acrobat Pro DC iframe Same Origin Policy Bypass Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16369
21 Nov 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a Same Origin Policy security bypass vulnerability, affecting files on the local system, etc. Se ha descubierto un problema en Adobe Acrobat y Reader: 2017.012.20098 y versiones anteriores, 2017.011.30066 y versiones anteriores, 2015.006.30355 y versiones anteriores y 11.0.22 ... • http://www.securityfocus.com/bid/101820 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0CVE-2017-16384 – Adobe Acrobat Pro DC XPS PNG tEXT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16384
14 Nov 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the exif processing module for a PNG file (during XPS conversion). Invalid input leads to a computation where pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information,... • http://www.securityfocus.com/bid/101824 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 2%CPEs: 8EXPL: 0CVE-2017-16381 – Adobe Acrobat Pro DC XPS TIFF dir Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-16381
14 Nov 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value when processing TIFF files embedded within an XPS document. Crafted TIFF image input causes a mismatch between allocated buffer size and the access allowed by the computation. If an attacker can adequately control the accessible memory ... • http://www.securityfocus.com/bid/101831 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •