Memory Corruption Vulnerability in Adobe Acrobat Reader
CVE-2017-3019

7.8HIGH

Key Information:

Vendor

Adobe
Status
Adobe Acrobat Reader 11.0.19 And Earlier, 15.006.30280 And Earlier, 15.023.20070 And Earlier.
Vendor
CVE Published:
12 April 2017

What is CVE-2017-3019?

Adobe Acrobat Reader is susceptible to a memory corruption vulnerability in its Product Representation Compact (PRC) format parser. This flaw can be exploited to execute arbitrary code, potentially compromising the integrity of the system running the affected versions. Users of versions 11.0.19 and earlier, as well as 15.006.30280 and 15.023.20070 and earlier, are advised to take immediate precautions and update their software to mitigate risks associated with this vulnerability.

Affected Version(s)

Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.

References

http://www.securitytracker.com/id/1038228
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/97556
vdb-entryx_refsource_BID
https://helpx.adobe.com/security/products/acrobat/apsb17-...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2017-3019 : Memory Corruption Vulnerability in Adobe Acrobat Reader