Remote Code Execution Vulnerability in Adobe Captivate by Adobe
CVE-2017-3098

9.8CRITICAL

Key Information:

Vendor: Adobe
Status: Adobe Captivate 9 And Earlier.
Vendor: CVE Published:; 20 June 2017

Summary

Adobe Captivate versions 9 and earlier are susceptible to a remote code execution vulnerability in the quiz reporting feature. This flaw may allow an attacker to read and write arbitrary files on the server, posing significant risks to server integrity and confidentiality.

Affected Version(s)

Adobe Captivate 9 and earlier. Adobe Captivate 9 and earlier.

References

https://helpx.adobe.com/security/products/captivate/apsb1...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1038657

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 20, 2017
Vulnerability Reserved
Dec 2, 2016