Buffer Over-read Vulnerability in Adobe Digital Editions
CVE-2017-2980

7.5HIGH

Key Information:

Vendor: Adobe
Status: Adobe Digital Editions 4.5.3 And Earlier.
Vendor: CVE Published:; 15 February 2017

🔔 Create Adobe Vulnerability Alert

What is CVE-2017-2980?

Adobe Digital Editions versions up to and including 4.5.3 contain a buffer over-read vulnerability that can be exploited to disclose sensitive information. Attackers could potentially leverage this flaw to access data beyond intended boundaries, highlighting the importance of promptly updating to secure versions.

Affected Version(s)

Adobe Digital Editions 4.5.3 and earlier. Adobe Digital Editions 4.5.3 and earlier.

References

http://www.securitytracker.com/id/1037816

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/96195

vdb-entryx_refsource_BID

https://helpx.adobe.com/security/products/Digital-Edition...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 15, 2017
Vulnerability Reserved
Dec 2, 2016

.