CVE-2017-3095

9.8CRITICAL

Key Information:

Vendor: Adobe
Status: Adobe Digital Editions 4.5.4 And Earlier.
Vendor: CVE Published:; 20 June 2017

Summary

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing engine. Successful exploitation could lead to arbitrary code execution.

Affected Version(s)

Adobe Digital Editions 4.5.4 and earlier. Adobe Digital Editions 4.5.4 and earlier.

References

http://www.securityfocus.com/bid/99021

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1038658

vdb-entryx_refsource_SECTRACK

https://helpx.adobe.com/security/products/Digital-Edition...

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 20, 2017
Vulnerability Reserved
Dec 2, 2016