CVE-2017-2960

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-01-11 04:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-2960

Mitre link : CVE-2017-2960

CVE.ORG link : CVE-2017-2960


JSON object : View

Products Affected

microsoft

  • windows

adobe

  • acrobat_reader_dc
  • acrobat
  • reader
  • acrobat_dc

apple

  • mac_os_x
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer