Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-11261

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data and the embedded TIF image. Successful exploitation could lead to arbitrary code execution.

Published

2017-08-11T19:29:01.647

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 8.8 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

8.6

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-119
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application adobe acrobat ≤ 11.0.20 Yes
Application adobe acrobat ≤ 17.011.30066 Yes
Application adobe acrobat_dc ≤ 15.006.30306 Yes
Application adobe acrobat_dc ≤ 17.009.20058 Yes
Application adobe acrobat_reader ≤ 17.011.30066 Yes
Application adobe acrobat_reader_dc ≤ 15.006.30306 Yes
Application adobe acrobat_reader_dc ≤ 17.009.20058 Yes
Application adobe reader ≤ 11.0.20 Yes
Operating System apple mac_os_x * No
Operating System microsoft windows * No
References