Type Confusion Vulnerability in Adobe Acrobat Reader
CVE-2017-2962

7.8HIGH

Summary

Adobe Acrobat Reader versions prior to 15.020.20042, 15.006.30244, and 11.0.18 are impacted by a type confusion vulnerability within the XSLT engine. This vulnerability is associated with the localization functionality, which if successfully exploited, may permit an attacker to execute arbitrary code on the affected system, posing a significant risk to user data and system integrity.

Affected Version(s)

Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier. Adobe Acrobat Reader 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier.

References

EPSS Score

37% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.