CVE-2017-2959

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-01-11 04:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-2959

Mitre link : CVE-2017-2959

CVE.ORG link : CVE-2017-2959


JSON object : View

Products Affected

microsoft

  • windows

adobe

  • acrobat_reader_dc
  • acrobat
  • reader
  • acrobat_dc

apple

  • mac_os_x
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer