CVSS: 9.3EPSS: 2%CPEs: 8EXPL: 0CVE-2017-16404 – Adobe Acrobat Pro DC ImageConversion EMF EmfPlusObject Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-16404
14 Nov 2017 — An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of processing Enhanced Metafile Format Plus (EMF+). The vulnerability is a result of an out of range pointer offset that is used to access sub-elements of an internal data structure. An attac... • http://www.securityfocus.com/bid/102140 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2017-3118
https://notcve.org/view.php?id=CVE-2017-3118
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de omisión de seguridad relacionada con la ejecución de archivos adjuntos maliciosos. • http://www.securityfocus.com/bid/100189 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-11220
https://notcve.org/view.php?id=CVE-2017-11220
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica en una estructura de datos interna. La explotac... • http://www.securityfocus.com/bid/100180 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 0CVE-2017-3117
https://notcve.org/view.php?id=CVE-2017-3117
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica en el plugin que gestiona enl... • http://www.securityfocus.com/bid/100180 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 10EXPL: 0CVE-2017-11221
https://notcve.org/view.php?id=CVE-2017-11221
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad explotable de confusión de tipo en la funcionalidad de anotación. La explotación c... • http://www.securityfocus.com/bid/100181 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 9.3EPSS: 4%CPEs: 10EXPL: 0CVE-2017-11222
https://notcve.org/view.php?id=CVE-2017-11222
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Product Representation Compact (PRC) engine. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el motor Product Representation ... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 4%CPEs: 10EXPL: 0CVE-2017-11226
https://notcve.org/view.php?id=CVE-2017-11226
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream data. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el ... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-11229
https://notcve.org/view.php?id=CVE-2017-11229
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF). Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de omisión de seguridad cuando se manipula el formato Forms Data Format (FDF). • http://www.securityfocus.com/bid/100186 •
CVSS: 8.8EPSS: 1%CPEs: 10EXPL: 0CVE-2017-11254
https://notcve.org/view.php?id=CVE-2017-11254
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the Acrobat/Reader's JavaScript engine. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de uso de memoria antes de liberación (use after free) en el motor JavaS... • http://www.securityfocus.com/bid/100182 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 4%CPEs: 10EXPL: 0CVE-2017-11262
https://notcve.org/view.php?id=CVE-2017-11262
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing ASCII text string. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulner... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •