CVE-2017-16380
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a security bypass vulnerability for a certain file-type extension. Acrobat maintains both a blacklist and whitelist (the user can specify an allowed attachment). However, any file extensions that are neither on the blacklist nor the whitelist can still be opened after displaying a warning prompt.
Se ha descubierto un problema en Adobe Acrobat y Reader: 2017.012.20098 y versiones anteriores, 2017.011.30066 y versiones anteriores, 2015.006.30355 y versiones anteriores y 11.0.22 y versiones anteriores. La vulnerabilidad es un ejemplo de omisión de seguridad para cierta extensión de tipo de archivo. Acrobat mantiene tanto una lista negra como una blanca (el usuario puede especificar un adjunto permitido). Sin embargo, cualquier extensión de archivo que no esté ni en la lista negra ni en la blanca puede ser abierto tras mostrar un mensaje de advertencia.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-01 CVE Reserved
- 2017-12-09 CVE Published
- 2023-09-24 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101814 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039791 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://helpx.adobe.com/security/products/acrobat/apsb17-36.html | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 11.0.22 Search vendor "Adobe" for product "Acrobat" and version " <= 11.0.22" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | >= 17.0 <= 17.011.30066 Search vendor "Adobe" for product "Acrobat" and version " >= 17.0 <= 17.011.30066" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 17.012.20098 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 17.012.20098" | continuous |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | >= 15.0 <= 15.006.30355 Search vendor "Adobe" for product "Acrobat Dc" and version " >= 15.0 <= 15.006.30355" | classic |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | <= 11.0.22 Search vendor "Adobe" for product "Acrobat Reader" and version " <= 11.0.22" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | >= 17.0 <= 17.011.30066 Search vendor "Adobe" for product "Acrobat Reader" and version " >= 17.0 <= 17.011.30066" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 17.012.20098 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 17.012.20098" | continuous |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | >= 15.0 <= 15.006.30355 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " >= 15.0 <= 15.006.30355" | classic |
Affected
| ||||||