Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10992
HistoryApr 06, 2017 - 12:00 a.m.

KLA10992 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader

2017-04-0600:00:00
Kaspersky Lab
threats.kaspersky.com
214

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.574 Medium

EPSS

Percentile

97.7%

JSON

Detect date:

04/06/2017

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitary code and possibly cause a denial of service.

Affected products:

Adobe Acrobat DC Continuous earlier than 2017.009.20044
Adobe Acrobat Reader DC Continuous earlier than 2017.009.20044
Adobe Acrobat DC Classic earlier than 2015.006.30306
Adobe Acrobat Reader DC Classic earlier than 2015.006.30306
Adobe Acrobat XI earlier than 11.0.20
Adobe Reader XI earlier than 11.0.20

Solution:

Update to the latest versions
Download Adobe Acrobat
Download Adobe Acrobat Reader DC
Download Adobe Reader XI

Original advisories:

Adobe security bulletin

Impacts:

ACE

Related products:

Adobe Reader XI

CVE-IDS:

CVE-2017-30119.3Critical
CVE-2017-30129.3Critical
CVE-2017-30139.3Critical
CVE-2017-30149.3Critical
CVE-2017-30159.3Critical
CVE-2017-30189.3Critical
CVE-2017-30199.3Critical
CVE-2017-30204.3Warning
CVE-2017-30214.3Warning
CVE-2017-30224.3Warning
CVE-2017-30249.3Critical
CVE-2017-30259.3Critical
CVE-2017-30269.3Critical
CVE-2017-30279.3Critical
CVE-2017-30289.3Critical
CVE-2017-30309.3Critical
CVE-2017-30314.3Warning
CVE-2017-30324.3Warning
CVE-2017-30334.3Warning
CVE-2017-30349.3Critical
CVE-2017-30369.3Critical
CVE-2017-30389.3Critical
CVE-2017-30399.3Critical
CVE-2017-30409.3Critical
CVE-2017-30429.3Critical
CVE-2017-30434.3Warning
CVE-2017-30449.3Critical
CVE-2017-30454.3Warning
CVE-2017-30464.3Warning
CVE-2017-30489.3Critical
CVE-2017-30499.3Critical
CVE-2017-30509.3Critical
CVE-2017-30519.3Critical
CVE-2017-30524.3Warning
CVE-2017-30549.3Critical
CVE-2017-30559.3Critical
CVE-2017-30569.3Critical
CVE-2017-30579.3Critical
CVE-2017-30659.3Critical

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

References

Related

nessus 8
openvas 28
adobe 2
trendmicroblog 1
checkpoint_advisories 31
threatpost 1
prion 39
cve 39
zdi 28
srcincite 2
kaspersky 1
nessus
nessus
Adobe Acrobat < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11)
2017-04-14 00:00:00
Adobe Reader < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11)
2017-04-14 00:00:00
Adobe Reader < 11.0.20 / 2015.006.30306 / 2017.009.20044 Multiple Vulnerabilities (APSB17-11) (macOS)
2017-04-14 00:00:00
openvas
openvas
Adobe Acrobat DC (Classic Track) Security Updates (APSB17-11) - Mac OS X
2018-03-12 00:00:00
Adobe Reader DC (Continuous Track) Security Updates (APSB17-11) - Windows
2018-03-12 00:00:00
Adobe Acrobat DC (Classic Track) Security Updates (APSB17-11) - Windows
2018-03-12 00:00:00
adobe
adobe
APSB17-11 Security update available for Adobe Acrobat and Reader
2017-04-06 00:00:00
APSB17-24 Security updates available for Adobe Acrobat and Reader
2017-08-03 00:00:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 17, 2017
2017-04-21 18:23:45
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Heap Overflow (APSB17-11: CVE-2017-3042; CVE-2017-3054)
2017-04-24 00:00:00
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3030)
2017-04-18 00:00:00
Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3027)
2017-04-19 00:00:00
threatpost
threatpost
Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop
2017-04-11 14:58:55
prion
prion
Memory corruption
2017-04-12 14:59:00
Design/Logic Flaw
2017-04-12 14:59:00
Memory corruption
2017-04-12 14:59:00
cve
cve
CVE-2017-3014
2017-04-12 14:59:00
CVE-2017-3030
2017-04-12 14:59:00
CVE-2017-3013
2017-04-12 14:59:00
zdi
zdi
Adobe Acrobat Pro DC ImageConversion PCX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
2017-04-11 00:00:00
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2017-04-11 00:00:00
Adobe Reader DC XSLT Namespace Node Out-Of-Bounds Read Information Disclosure Vulnerability
2017-04-11 00:00:00
srcincite
srcincite
SRC-2017-0003 : Adobe Acrobat Pro DC ImageConversion EMF Parsing iType Out-Of-Bounds Read Remote Code Execution Vulnerability
2017-03-09 00:00:00
SRC-2017-0002 : Adobe Acrobat Pro DC ImageConversion TIFF Parsing Use-After-Free Read Remote Code Execution Vulnerability
2017-02-02 00:00:00
kaspersky
kaspersky
KLA11086 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader
2017-08-08 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.574 Medium

EPSS

Percentile

97.7%

JSON
Related for KLA10992
nessus8openvas28adobe2trendmicroblog1checkpoint_advisories31threatpost1prion39cve39zdi28srcincite2kaspersky1