CVE-2017-3038

EUVD-2017-12179
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability when parsing TTF (TrueType font format) stream data. Successful exploitation could lead to arbitrary code execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Affected Products (NVD)
VendorProductVersion
adobeacrobat
𝑥
≤ 11.0.19
adobeacrobat_dc
𝑥
≤ 15.006.30280
adobeacrobat_dc
𝑥
≤ 15.023.20070
adobeacrobat_reader_dc
𝑥
≤ 15.006.30280
adobeacrobat_reader_dc
𝑥
≤ 15.023.20070
adobereader
𝑥
≤ 11.0.19
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/97556
http://www.securitytracker.com/id/1038228
http://www.securitytracker.com/id/1039098
https://helpx.adobe.com/security/products/acrobat/apsb17-11.html
https://helpx.adobe.com/security/products/acrobat/apsb17-24.html
http://www.securityfocus.com/bid/97556
http://www.securitytracker.com/id/1038228
http://www.securitytracker.com/id/1039098
https://helpx.adobe.com/security/products/acrobat/apsb17-11.html
https://helpx.adobe.com/security/products/acrobat/apsb17-24.html