CVE-2017-11265
medium
CVSS v3
6.5
CVSS v2
4.3
VIR risk
6.5
Description
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Adobe Graphics Manager module. Successful exploitation could lead to arbitrary code execution.
Predictions
Exploit likelihood
75%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: psirt@adobe.com — https://helpx.adobe.com/security/products/acrobat/apsb17-24.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| macos | not-affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| adobe | acrobat | {"startIncluding":"11.0.0","endIncluding":"11.0.20"} | |
| adobe | acrobat_dc | {"startIncluding":"15.006.30060","endIncluding":"15.006.30306"} | |
| adobe | acrobat_reader | {"startIncluding":"17.011.00000","endIncluding":"17.011.30066"} | |
| adobe | acrobat_reader_dc | {"startIncluding":"15.006.30060","endIncluding":"15.006.30306"} | |
| adobe | reader | {"startIncluding":"11.0.0","endIncluding":"11.0.20"} | |
References
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.