CVE-2017-16416
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that handles Enhanced Metafile Format Plus (EMF+) data. The vulnerability is a result of an out of range pointer offset that is used to access sub-elements of an internal data structure. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
Se ha descubierto un problema en Adobe Acrobat y Reader: 2017.012.20098 y versiones anteriores, 2017.011.30066 y versiones anteriores, 2015.006.30355 y versiones anteriores y 11.0.22 y versiones anteriores. La vulnerabilidad se debe a un cálculo que escribe datos más allá del final del búfer planeado; el cálculo forma parte del módulo de conversión de imágenes que manipula datos en formato Enhanced Metafile Format Plus (EMF+). La vulnerabilidad es el resultado de un offset de puntero fuera de rango que se emplea para acceder a subelementos de una estructura de datos interna. Un atacante podría aprovechar esta vulnerabilidad para corromper datos sensibles o ejecutar código arbitrario.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-01 CVE Reserved
- 2017-12-09 CVE Published
- 2023-11-19 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/101812 | Third Party Advisory | |
http://www.securitytracker.com/id/1039791 | Third Party Advisory | |
https://helpx.adobe.com/security/products/acrobat/apsb17-36.html | Broken Link |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 11.0.22 Search vendor "Adobe" for product "Acrobat" and version " <= 11.0.22" | - |
Affected
| ||||||
Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | >= 17.0 <= 17.011.30066 Search vendor "Adobe" for product "Acrobat" and version " >= 17.0 <= 17.011.30066" | - |
Affected
| ||||||
Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | <= 17.012.20098 Search vendor "Adobe" for product "Acrobat Dc" and version " <= 17.012.20098" | continuous |
Affected
| ||||||
Adobe Search vendor "Adobe" | Acrobat Dc Search vendor "Adobe" for product "Acrobat Dc" | >= 15.0 <= 15.006.30355 Search vendor "Adobe" for product "Acrobat Dc" and version " >= 15.0 <= 15.006.30355" | classic |
Affected
| ||||||
Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | <= 11.0.22 Search vendor "Adobe" for product "Acrobat Reader" and version " <= 11.0.22" | - |
Affected
| ||||||
Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | >= 17.0 <= 17.011.30066 Search vendor "Adobe" for product "Acrobat Reader" and version " >= 17.0 <= 17.011.30066" | - |
Affected
| ||||||
Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | <= 17.012.20098 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " <= 17.012.20098" | continuous |
Affected
| ||||||
Adobe Search vendor "Adobe" | Acrobat Reader Dc Search vendor "Adobe" for product "Acrobat Reader Dc" | >= 15.0 <= 15.006.30355 Search vendor "Adobe" for product "Acrobat Reader Dc" and version " >= 15.0 <= 15.006.30355" | classic |
Affected
|