CVE-2017-3057 – Adobe Reader DC Collab documentToStream Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3057
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso explotable después de la vulnerabilidad gratuita en la API de JavaScript relacionada con la funcionalidad de colaboración. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. • http://www.securityfocus.com/bid/97550 http://www.securitytracker.com/id/1038228 http://www.zerodayinitiative.com/advisories/ZDI-17-282 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-416: Use After Free •
CVE-2017-3011
https://notcve.org/view.php?id=CVE-2017-3011
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable integer overflow vulnerability in the CCITT fax PDF filter. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de desbordamiento entero explotable en el filtro CCITT fax PDF. Una explotación exitosa podría conducir a la ejecución arbitraria de código. • http://www.securityfocus.com/bid/97548 http://www.securitytracker.com/id/1038228 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-190: Integer Overflow or Wraparound •
CVE-2017-3012
https://notcve.org/view.php?id=CVE-2017-3012
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in the OCR plugin. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de carga de la biblioteca insegura (secuestro de DLL) en el complemento de OCR. • http://www.securityfocus.com/bid/97547 http://www.securitytracker.com/id/1038228 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-427: Uncontrolled Search Path Element •
CVE-2017-3013
https://notcve.org/view.php?id=CVE-2017-3013
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading (DLL hijacking) vulnerability in a DLL related to remote logging. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad de carga de la biblioteca insegura (secuestro DLL) en un DLL relacionado con el registro remoto. • http://www.securityfocus.com/bid/97547 http://www.securitytracker.com/id/1038228 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-427: Uncontrolled Search Path Element •
CVE-2017-3014
https://notcve.org/view.php?id=CVE-2017-3014
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in XML Forms Architecture (XFA) related to reset form functionality. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen un uso después de liberación explotable después de la vulnerabilidad XML Forms Architecture (XFA) relacionada con la funcionalidad del formulario de restablecimiento. Una explotación exitosa podría conducir a la ejecución arbitraria de código. • http://www.securityfocus.com/bid/97550 http://www.securitytracker.com/id/1038228 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-416: Use After Free •