CVE-2017-2946

Severity CVSS v4.0:
Pending analysis
Type:
CWE-119 Buffer Errors
Publication date:
11/01/2017
Last modified:
20/04/2025

Description

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing the segment for storing non-graphic information. Successful exploitation could lead to arbitrary code execution.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:* 11.0.18 (including)
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:* 15.006.30244 (including)
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:* 15.020.20042 (including)
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:* 15.006.30244 (including)
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:* 15.020.20042 (including)
cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:* 11.0.18 (including)
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*