Lucene search

K
cvelistAdobeCVELIST:CVE-2017-16386
HistoryDec 09, 2017 - 6:00 a.m.

CVE-2017-16386

2017-12-0906:00:00
adobe
www.cve.org

8.9 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.7%

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of the XPS2PDF conversion engine. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure.

CNA Affected

[
  {
    "product": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Adobe Acrobat Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions"
      }
    ]
  }
]

8.9 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.7%