Memory Address Leak Vulnerability in Adobe Acrobat Reader
CVE-2017-3029

3.3LOW

Key Information:

Vendor

Adobe
Status
Adobe Acrobat Reader 11.0.19 And Earlier, 15.006.30280 And Earlier, 15.023.20070 And Earlier.
Vendor
CVE Published:
12 April 2017

What is CVE-2017-3029?

Adobe Acrobat Reader is affected by a memory address leak vulnerability, particularly when processing JPEG 2000 code-streams. This issue can potentially allow an attacker to exploit the leak to gain information that should be inaccessible. Users of versions 11.0.19 and earlier, 15.006.30280 and earlier, and 15.023.20070 and earlier must address this vulnerability to ensure their systems remain secure.

Affected Version(s)

Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.

References

http://www.securityfocus.com/bid/97554
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038228
vdb-entryx_refsource_SECTRACK
https://helpx.adobe.com/security/products/acrobat/apsb17-...
x_refsource_CONFIRM

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2017-3029 : Memory Address Leak Vulnerability in Adobe Acrobat Reader