VIR Vulnerability Intelligence Relay

CVE-2017-11234

high
Published 2017-08-11 · Modified 2026-05-13
CVSS v3
8.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
VIR risk
8.8

Description

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing TIFF data related to the way how the components of each pixel are stored. Successful exploitation could lead to arbitrary code execution.

Predictions

Exploit likelihood
92%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact
OSVersionStatusFixed in
macos macosnot-affected

Application impact
VendorProductVersionsFixed
adobe adobeacrobat{"startIncluding":"11.0.0","endIncluding":"11.0.20"}
adobe adobeacrobat_dc{"startIncluding":"15.006.30060","endIncluding":"15.006.30306"}
adobe adobeacrobat_reader{"startIncluding":"17.011.00000","endIncluding":"17.011.30066"}
adobe adobeacrobat_reader_dc{"startIncluding":"15.006.30060","endIncluding":"15.006.30306"}
adobe adobereader{"startIncluding":"11.0.0","endIncluding":"11.0.20"}

References

CWEs

CWE-119

💬 Discuss CVE-2017-11234 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.