CVSS: 9.3EPSS: 4%CPEs: 8EXPL: 0CVE-2017-16384 – Adobe Acrobat Pro DC XPS PNG tEXT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-16384
14 Nov 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer over-read in the exif processing module for a PNG file (during XPS conversion). Invalid input leads to a computation where pointer arithmetic results in a location outside valid memory locations belonging to the buffer. An attack can be used to obtain sensitive information,... • http://www.securityfocus.com/bid/101824 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 3%CPEs: 10EXPL: 0CVE-2017-11222
https://notcve.org/view.php?id=CVE-2017-11222
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el motor Product Representation ... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 3%CPEs: 10EXPL: 0CVE-2017-11262
https://notcve.org/view.php?id=CVE-2017-11262
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulner... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 3%CPEs: 10EXPL: 0CVE-2017-11263
https://notcve.org/view.php?id=CVE-2017-11263
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the internal data structure manipulation related to document encoding. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en la manipul... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 10EXPL: 0CVE-2017-11221
https://notcve.org/view.php?id=CVE-2017-11221
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad explotable de confusión de tipo en la funcionalidad de anotación. La explotación c... • http://www.securityfocus.com/bid/100181 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.3EPSS: 3%CPEs: 10EXPL: 0CVE-2017-11226
https://notcve.org/view.php?id=CVE-2017-11226
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el ... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-11254
https://notcve.org/view.php?id=CVE-2017-11254
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader's JavaScript engine. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberación (use after free) en el motor JavaS... • http://www.securityfocus.com/bid/100182 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-11220
https://notcve.org/view.php?id=CVE-2017-11220
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica en una estructura de datos interna. La explotac... • http://www.securityfocus.com/bid/100180 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-11229
https://notcve.org/view.php?id=CVE-2017-11229
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF). Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de omisión de seguridad cuando se manipula el formato Forms Data Format (FDF). • http://www.securityfocus.com/bid/100186 •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2017-11257 – Adobe Acrobat Pro DC XFA nodes Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11257
09 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de confusión de tipo en el motor de diseño XFA. La explotación con éxito de esta vulnerab... • http://www.securityfocus.com/bid/100181 • CWE-704: Incorrect Type Conversion or Cast •