ID CVE-2017-11235
Summary Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the image conversion engine when decompressing JPEG data. Successful exploitation could lead to arbitrary code execution.
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:acrobat:11.0.20
    cpe:2.3:a:adobe:acrobat:11.0.20
  • cpe:2.3:a:adobe:acrobat:2017.008.30051
    cpe:2.3:a:adobe:acrobat:2017.008.30051
  • cpe:2.3:a:adobe:acrobat_dc:2015.006.30306:-:-:-:classic
    cpe:2.3:a:adobe:acrobat_dc:2015.006.30306:-:-:-:classic
  • cpe:2.3:a:adobe:acrobat_dc:2017.009.20058:-:-:-:continuous
    cpe:2.3:a:adobe:acrobat_dc:2017.009.20058:-:-:-:continuous
  • cpe:2.3:a:adobe:acrobat_reader:2017.008.30051
    cpe:2.3:a:adobe:acrobat_reader:2017.008.30051
  • cpe:2.3:a:adobe:acrobat_reader_dc:2015.006.30306:-:-:-:classic
    cpe:2.3:a:adobe:acrobat_reader_dc:2015.006.30306:-:-:-:classic
  • cpe:2.3:a:adobe:acrobat_reader_dc:2017.009.20058:-:-:-:continuous
    cpe:2.3:a:adobe:acrobat_reader_dc:2017.009.20058:-:-:-:continuous
  • cpe:2.3:a:adobe:reader:11.0.20
    cpe:2.3:a:adobe:reader:11.0.20
  • Apple Mac OS X
    cpe:2.3:o:apple:mac_os_x
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 9.3
Impact:
Exploitability:
CWE CWE-416
CAPEC
refmap via4
bid 100182
confirm https://helpx.adobe.com/security/products/acrobat/apsb17-24.html
sectrack 1039098
Last major update 11-08-2017 - 15:29
Published 11-08-2017 - 15:29
Last modified 17-08-2017 - 09:50
Back to Top