Memory Corruption Vulnerability in Adobe Acrobat Reader
CVE-2017-3056
7.8HIGH
Key Information:
- Vendor
- Adobe
- Vendor
- CVE Published:
- 12 April 2017
Summary
Adobe Acrobat Reader has a vulnerability within its JavaScript engine that affects versions 11.0.19 and earlier, along with specific versions of the 15.x series. This issue is rooted in improper string manipulation, which can be exploited by attackers to execute arbitrary code on affected systems. Users are strongly encouraged to update their software to mitigate potential security risks associated with this vulnerability.
Affected Version(s)
Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier. Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved