KLA10992Multiple vulnerabilities in Adobe Acrobat and Adobe Reader

2017-04-06T00:00:00
ID KLA10992
Type kaspersky
Reporter Kaspersky Lab
Modified 2020-06-18T00:00:00

Description

Detect date:

04/06/2017

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Adobe Acrobat and Adobe Reader. Malicious users can exploit these vulnerabilities to execute arbitary code and possibly cause a denial of service.

Affected products:

Adobe Acrobat DC Continuous earlier than 2017.009.20044
Adobe Acrobat Reader DC Continuous earlier than 2017.009.20044
Adobe Acrobat DC Classic earlier than 2015.006.30306
Adobe Acrobat Reader DC Classic earlier than 2015.006.30306
Adobe Acrobat XI earlier than 11.0.20
Adobe Reader XI earlier than 11.0.20

Solution:

Update to the latest versions
Download Adobe Acrobat
Download Adobe Acrobat Reader DC
Download Adobe Reader XI

Original advisories:

Adobe security bulletin

Impacts:

ACE

Related products:

Adobe Reader XI

CVE-IDS:

CVE-2017-30119.3Critical
CVE-2017-30129.3Critical
CVE-2017-30139.3Critical
CVE-2017-30149.3Critical
CVE-2017-30159.3Critical
CVE-2017-30189.3Critical
CVE-2017-30199.3Critical
CVE-2017-30204.3Warning
CVE-2017-30214.3Warning
CVE-2017-30224.3Warning
CVE-2017-30249.3Critical
CVE-2017-30259.3Critical
CVE-2017-30269.3Critical
CVE-2017-30279.3Critical
CVE-2017-30289.3Critical
CVE-2017-30309.3Critical
CVE-2017-30314.3Warning
CVE-2017-30324.3Warning
CVE-2017-30334.3Warning
CVE-2017-30349.3Critical
CVE-2017-30369.3Critical
CVE-2017-303710.0Critical
CVE-2017-30380.0Unknown
CVE-2017-30399.3Critical
CVE-2017-30409.3Critical
CVE-2017-30429.3Critical
CVE-2017-30434.3Warning
CVE-2017-30449.3Critical
CVE-2017-30454.3Warning
CVE-2017-30464.3Warning
CVE-2017-30489.3Critical
CVE-2017-30499.3Critical
CVE-2017-30509.3Critical
CVE-2017-30519.3Critical
CVE-2017-30524.3Warning
CVE-2017-30549.3Critical
CVE-2017-30559.3Critical
CVE-2017-30569.3Critical
CVE-2017-30579.3Critical
CVE-2017-30659.3Critical

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.