CVE-2017-3009 – Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-3009
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure. Adobe Acrobat Reader versiones 15.020.20042 y en versiones anteriores a 15.006.30244 y en versiones anteriores a 11.0.18 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento de búfer en el analizador JPEG2000. Una explotación exitosa podría conducir a la divulgación de información. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. • http://www.securityfocus.com/bid/97302 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-125: Out-of-bounds Read •
CVE-2017-2971
https://notcve.org/view.php?id=CVE-2017-2971
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de desbordamiento de pila en la rutina del decodificador JPEG. Una explotación exitosa podría conducir a la ejecución de código arbitrario. • http://www.securityfocus.com/bid/95690 http://www.talosintelligence.com/reports/TALOS-2016-0259 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2972
https://notcve.org/view.php?id=CVE-2017-2972
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de corrupción de memoria en el módulo de conversación de imágenes relacionado con el análisis JPEG. Una explotación exitosa podría conducir a la ejecución de código arbitrario. • http://www.securityfocus.com/bid/95690 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2970 – Adobe Reader DC XSLT apply-templates Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2970
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de desbordamiento de pila en el motor XSLT relacionada con la manipulación de plantilla. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. • http://www.securityfocus.com/bid/95690 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2947
https://notcve.org/view.php?id=CVE-2017-2947
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF). Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad para eludir la seguridad cuando manipulan Form Data Format (FDF). • http://www.securityfocus.com/bid/95348 http://www.securitytracker.com/id/1037574 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-20: Improper Input Validation •