CVE-2017-11273

An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. Adobe Digital Editions parses crafted XML files in an unsafe manner, which could lead to sensitive information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
adobeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
adobedigital_editions
𝑥
≤ 4.5.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/101839
http://www.securitytracker.com/id/1039798
https://helpx.adobe.com/security/products/Digital-Editions/apsb17-39.html
http://www.securityfocus.com/bid/101839
http://www.securitytracker.com/id/1039798
https://helpx.adobe.com/security/products/Digital-Editions/apsb17-39.html