Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution.
2017-01-11T04:59:01.273
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 7.8 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | acrobat | ≤ 11.0.18 | Yes |
| Application | adobe | acrobat_dc | ≤ 15.006.30244 | Yes |
| Application | adobe | acrobat_dc | ≤ 15.020.20042 | Yes |
| Application | adobe | acrobat_reader_dc | ≤ 15.006.30244 | Yes |
| Application | adobe | acrobat_reader_dc | ≤ 15.020.20042 | Yes |
| Application | adobe | reader | ≤ 11.0.18 | Yes |
| Operating System | apple | mac_os_x | * | No |
| Operating System | microsoft | windows | * | No |