CVE-2017-3048 – Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3048
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to internal scan line representation in TIFF files. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 11.0.19 y anteriores, 15.006.30280 y anteriores, 15.023.20070 y anteriores tienen una vulnerabilidad explotable de desbordamiento de montón en el motor de conversión de imágenes, relacionado con la representación de línea de exploración interna en archivos TIFF. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. • http://www.securityfocus.com/bid/97549 http://www.securitytracker.com/id/1038228 http://www.zerodayinitiative.com/advisories/ZDI-17-272 https://helpx.adobe.com/security/products/acrobat/apsb17-11.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2971
https://notcve.org/view.php?id=CVE-2017-2971
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the JPEG decoder routine. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de desbordamiento de pila en la rutina del decodificador JPEG. Una explotación exitosa podría conducir a la ejecución de código arbitrario. • http://www.securityfocus.com/bid/95690 http://www.talosintelligence.com/reports/TALOS-2016-0259 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2972
https://notcve.org/view.php?id=CVE-2017-2972
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module related to JPEG parsing. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de corrupción de memoria en el módulo de conversación de imágenes relacionado con el análisis JPEG. Una explotación exitosa podría conducir a la ejecución de código arbitrario. • http://www.securityfocus.com/bid/95690 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2970 – Adobe Reader DC XSLT apply-templates Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2970
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine related to template manipulation. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad explotable de desbordamiento de pila en el motor XSLT relacionada con la manipulación de plantilla. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. • http://www.securityfocus.com/bid/95690 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-2947
https://notcve.org/view.php?id=CVE-2017-2947
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF). Las versiones de Adobe Acrobat Reader 15.020.20042 y anteriores, 15.006.30244 y anteriores, 11.0.18 y anteriores tienen una vulnerabilidad para eludir la seguridad cuando manipulan Form Data Format (FDF). • http://www.securityfocus.com/bid/95348 http://www.securitytracker.com/id/1037574 https://helpx.adobe.com/security/products/acrobat/apsb17-01.html • CWE-20: Improper Input Validation •