CVSS: 9.3EPSS: 27%CPEs: 8EXPL: 0CVE-2017-16392 – Adobe Acrobat Pro DC JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-16392
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an incorrect length value in the JPEG processing module. Crafted input with an unexpected JPEG file segment size causes a mismatch between allocated buffer size and the access allowed by the computation. If an attacker can adequately control the accessible memor... • http://www.securityfocus.com/bid/101831 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 9%CPEs: 8EXPL: 0CVE-2017-16394
https://notcve.org/view.php?id=CVE-2017-16394
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the WebCapture module. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack ca... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 9%CPEs: 8EXPL: 0CVE-2017-16409 – Adobe Acrobat Pro DC ImageConversion EMF EMR_EXTTEXTOUTA Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16409
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the Adobe graphics module responsible for displaying textual data. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 9%CPEs: 8EXPL: 0CVE-2017-16364
https://notcve.org/view.php?id=CVE-2017-16364
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference when handling number format dictionary entries. In this scenario, the input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation... • http://www.securityfocus.com/bid/101813 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 9%CPEs: 8EXPL: 0CVE-2017-16375
https://notcve.org/view.php?id=CVE-2017-16375
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the JavaSscript API engine. In this scenario, the JavaScript input is crafted in way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and ... • http://www.securityfocus.com/bid/101813 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 9%CPEs: 8EXPL: 0CVE-2017-16362
https://notcve.org/view.php?id=CVE-2017-16362
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of an out of bounds read vulnerability in the MakeAccesible plugin, when handling font data. It causes an out of bounds memory access, which sometimes triggers an access violation exception. Attackers can exploit the vulnerability by using the out of bounds access for unintended ... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 9%CPEs: 8EXPL: 0CVE-2017-16406 – Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16406
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion vulnerability in the EMF processing module. The issue causes the program to access an object using an incompatible type, leading to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, ... • http://www.securityfocus.com/bid/101815 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 9%CPEs: 8EXPL: 0CVE-2017-16371
https://notcve.org/view.php?id=CVE-2017-16371
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in the JavaScript engine. In this scenario, the input is crafted in a way that the computation results in pointers to memory locations that do not belong to the relevant process address space. The dereferencing operation is a read operation, and an attack can ... • http://www.securityfocus.com/bid/101813 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0CVE-2017-16389
https://notcve.org/view.php?id=CVE-2017-16389
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript engine. The mismatch between an old and a new object can provide an attacker with unintended memory access. Successful exploitation could lead to arbitrary code execution. Se ha descubierto un problema en Adobe Acrobat y Reader:... • http://www.securityfocus.com/bid/101818 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0CVE-2017-16388
https://notcve.org/view.php?id=CVE-2017-16388
09 Dec 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API engine. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitatio... • http://www.securityfocus.com/bid/101818 • CWE-416: Use After Free •