CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Adobe » Acrobat Reader » * * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-4916 787 Exec Code 2018-02-27 2018-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that handless TIFF data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
2 CVE-2018-4915 787 Exec Code 2018-02-27 2018-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the JavaScript API related to color conversion. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
3 CVE-2018-4914 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TIFF processing in the XPS engine. A successful attack can lead to sensitive data exposure.
4 CVE-2018-4913 416 Exec Code 2018-02-27 2018-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the XFA engine, related to DOM manipulation. The vulnerability is triggered by crafted XFA script definitions in a PDF file. Successful exploitation could lead to arbitrary code execution.
5 CVE-2018-4912 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles JPEG 2000 data. A successful attack can lead to sensitive data exposure.
6 CVE-2018-4911 416 2018-02-27 2018-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API related to bookmark functionality. The vulnerability is triggered by crafted JavaScript code embedded within a PDF file. A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack.
7 CVE-2018-4910 787 Overflow 2018-02-27 2020-08-24
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file with crafted JavaScript code that manipulates the optional content group (OCG). A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack.
8 CVE-2018-4909 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module when processing metadata in JPEG images. A successful attack can lead to sensitive data exposure.
9 CVE-2018-4908 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TTF font processing in the XPS module. A successful attack can lead to sensitive data exposure.
10 CVE-2018-4907 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TIFF processing in the XPS module. A successful attack can lead to sensitive data exposure.
11 CVE-2018-4906 125 2018-02-27 2018-03-17
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles Enhanced Metafile Format Plus (EMF+) data related to graphic object image attributes. A successful attack can lead to sensitive data exposure.
12 CVE-2018-4905 125 2018-02-27 2018-03-19
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of TIFF processing within the XPS module. A successful attack can lead to sensitive data exposure.
13 CVE-2018-4904 787 Exec Code Overflow 2018-02-27 2020-08-24
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability. The vulnerability is triggered by crafted TIFF data within an XPS file, which causes an out of bounds memory access. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
14 CVE-2018-4903 125 2018-02-27 2018-03-19
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TIFF processing within the XPS module. A successful attack can lead to sensitive data exposure.
15 CVE-2018-4902 416 Exec Code 2018-02-27 2018-03-17
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the rendering engine. The vulnerability is triggered by a crafted PDF file containing a video annotation (and corresponding media files) that is activated by the embedded JavaScript. Successful exploitation could lead to arbitrary code execution.
16 CVE-2018-4901 787 Exec Code 2018-02-27 2018-03-17
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the document identity representation. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
17 CVE-2018-4900 125 2018-02-27 2018-03-19
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of JavaScript manipulation of an Annotation object. A successful attack can lead to sensitive data exposure.
18 CVE-2018-4899 125 2018-02-27 2018-03-19
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the initial XPS page processing. A successful attack can lead to sensitive data exposure.
19 CVE-2018-4898 787 Exec Code 2018-02-27 2018-03-19
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the XPS engine that adds vector graphics and images to a fixed page. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
20 CVE-2018-4897 125 2018-02-27 2018-03-23
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that parses TIFF metadata. A successful attack can lead to sensitive data exposure.
21 CVE-2018-4896 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles Enhanced Metafile Format Plus (EMF+) data. A successful attack can lead to sensitive data exposure.
22 CVE-2018-4895 787 Exec Code 2018-02-27 2018-03-16
10.0
 None Remote Low Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion engine when processing Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
23 CVE-2018-4894 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XPS font processing. A successful attack can lead to sensitive data exposure.
24 CVE-2018-4893 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of XPS font processing. A successful attack can lead to sensitive data exposure.
25 CVE-2018-4892 416 Exec Code 2018-02-27 2018-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF file that contains a malformed JBIG2 stream. Successful exploitation could lead to arbitrary code execution.
26 CVE-2018-4891 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XPS module that handles TIFF data. A successful attack can lead to sensitive data exposure.
27 CVE-2018-4890 787 Overflow +Info 2018-02-27 2019-10-03
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the image conversion engine, when handling JPEG data embedded within an XPS file. A successful attack can lead to code corruption, control-flow hijack, or an information leak attack.
28 CVE-2018-4889 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XPS image conversion. A successful attack can lead to sensitive data exposure.
29 CVE-2018-4888 416 Exec Code 2018-02-27 2018-03-16
6.8
 None Remote Medium Not required Partial Partial Partial
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability. The vulnerability is triggered by a crafted PDF file that can cause a memory access violation exception in the XFA engine because of a dangling reference left as a consequence of freeing an object in the computation that manipulates internal nodes in a graph representation of a document object model used in XFA. Successful exploitation could lead to arbitrary code execution.
30 CVE-2018-4887 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the Unicode mapping module that is invoked when processing Enhanced Metafile Format (EMF) data (during image conversion). A successful attack can lead to sensitive data exposure.
31 CVE-2018-4886 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation occurs in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to handling of bitmap rectangles. A successful attack can lead to sensitive data exposure.
32 CVE-2018-4885 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of Enhanced Metafile Format processing engine (within the image conversion module). A successful attack can lead to sensitive data exposure.
33 CVE-2018-4884 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion engine when processing Enhanced Metafile Format (EMF) data that embeds an image in the bitmap (BMP) file format. A successful attack can lead to sensitive data exposure.
34 CVE-2018-4883 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs because of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion engine that handles Enhanced Metafile Format (EMF). A successful attack can lead to sensitive data exposure.
35 CVE-2018-4882 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the string literal parser. A successful attack can lead to sensitive data exposure.
36 CVE-2018-4881 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that reads bitmap image file (BMP) data. A successful attack can lead to sensitive data exposure.
37 CVE-2018-4880 125 2018-02-27 2018-03-16
4.3
 None Remote Medium Not required Partial None None
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the conversion module that reads U3D data. A successful attack can lead to sensitive data exposure.
38 CVE-2018-4879 787 Exec Code 2018-02-27 2018-03-16
10.0
 None Remote Low Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that processes Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
39 CVE-2018-4872 Bypass 2018-02-27 2020-08-24
10.0
 None Remote Low Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is a security bypass vulnerability that leads to a sandbox escape. Specifically, the vulnerability exists in the way a cross call is handled.
40 CVE-2017-16420 125 2017-12-09 2017-12-14
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is in the part of the JavaScript engine that handles annotation abstraction. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
41 CVE-2017-16419 674 2017-12-09 2019-10-03
4.3
 None Remote Medium Not required None None Partial
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The issue is a stack exhaustion problem within the JavaScript API, where the computation does not correctly control the amount of recursion that can happen with respect to system resources.
42 CVE-2017-16418 125 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the image conversion module that handles XPS files. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
43 CVE-2017-16417 787 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the font parsing module. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
44 CVE-2017-16416 787 Exec Code 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that handles Enhanced Metafile Format Plus (EMF+) data. The vulnerability is a result of an out of range pointer offset that is used to access sub-elements of an internal data structure. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
45 CVE-2017-16415 787 Exec Code 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is a part of the functionality that handles font encodings. The vulnerability is a result of out of range pointer offset that is used to access sub-elements of an internal data structure. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
46 CVE-2017-16414 125 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the JavaScript API module responsible for form field computation. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
47 CVE-2017-16413 787 Exec Code 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of the XPS to PDF conversion module, when processing TIFF files. The vulnerability is a result of an out of range pointer offset that is used to access sub-elements of an internal data structure. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
48 CVE-2017-16412 125 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs because of a computation that reads data that is past the end of the target buffer; the computation is part of the XPS conversion module, when handling a JPEG resource. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
49 CVE-2017-16411 119 Overflow 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the WebCapture module, related to an internal hash table implementation. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.
50 CVE-2017-16410 129 2017-12-09 2017-12-15
9.3
 None Remote Medium Not required Complete Complete Complete
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the calculation occurs in the image conversion module, when processing GIF files. The vulnerability leads to an operation that can write to a memory location that is outside of the memory addresses allocated for the data structure. The specific scenario leads to a write access to a memory location that does not belong to the relevant process address space.
Total number of vulnerabilities : 151   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.