CVE-2017-11241 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11241
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to polygons. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica en el motor de conversión de imagen cuando procesa datos Enhanced Metafile Format (EMF) relacionados con los polígonos. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/100180 http://www.securitytracker.com/id/1039098 https://helpx.adobe.com/security/products/acrobat/apsb17-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3124 – Adobe Acrobat Pro DC ImageConversion PCX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3124
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the picture exchange (PCX) file format parsing module. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el módulo de parseo de formato de archivo picture exchange (PCX). La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/100179 http://www.securitytracker.com/id/1039098 https://helpx.adobe.com/security/products/acrobat/apsb17-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3038
https://notcve.org/view.php?id=CVE-2017-3038
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable al analizar datos de flujo TTF (formato de fuente TrueType). Una explotación exitosa podría conducir a la ejecución arbitraria de código. • http://www.securityfocus.com/bid/97556 http://www.securitytracker.com/id/1038228 http://www.securitytracker.com/id/1039098 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html https://helpx.adobe.com/security/products/acrobat/apsb17-24.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3057 – Adobe Reader DC Collab documentToStream Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3057
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso explotable después de la vulnerabilidad gratuita en la API de JavaScript relacionada con la funcionalidad de colaboración. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. • http://www.securityfocus.com/bid/97550 http://www.securitytracker.com/id/1038228 http://www.zerodayinitiative.com/advisories/ZDI-17-282 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-416: Use After Free •
CVE-2017-3011
https://notcve.org/view.php?id=CVE-2017-3011
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de desbordamiento entero explotable en el filtro CCITT fax PDF. Una explotación exitosa podría conducir a la ejecución arbitraria de código. • http://www.securityfocus.com/bid/97548 http://www.securitytracker.com/id/1038228 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-190: Integer Overflow or Wraparound •