Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in Adobe Flash Player, Acrobat, Reader, Experience Manager, and Digital Editions. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and...

Adobe Reader DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Adobe Acrobat and Reader Memory Corruption Vulnerability (CNVD-2017-22669)

Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF file editing and conversion tools, the latter is a set of PDF document reading software. Adobe Acrobat and Reader memory corruption vulnerability exists. Remote attackers can...

APSB17-24 Security updates available for Adobe Acrobat and Reader

Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address vulnerabilities rated Critical and Important that could potentially allow an attacker to take control of the affected system...

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3045)

An information disclosure vulnerability exists in Adobe Acrobat and Reader. The vulnerability is caused due to insufficient bounds check in JPEG 2000 parser. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3051)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted JPG file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPG file ...

Adobe Acrobat and Reader Heap Overflow (APSB17-11: CVE-2017-3049)

A Heap Overflow vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3047)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3046)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3052)

An information disclosure vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted EMF file...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3044)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3050)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted Gif file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

Adobe Acrobat and Reader Heap Overflow (APSB17-11: CVE-2017-3048)

A code execution vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to heap overflow vulnerability in the TIFF decoder routine. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...

ColdFusion Hotfix Resolves XSS, Java Deserialization Bugs

Adobe today released an important security hotfix for several versions of its ColdFusion rapid web application development platform. The company said the update addresses an input validation vulnerability CVE-2017-3008 in the software that could be used in reflected cross-site scripting XSS...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3039)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

Adobe Acrobat and Reader Heap Overflow (APSB17-11: CVE-2017-3042; CVE-2017-3054)

A Heap Overflow vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3041)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

Adobe Acrobat and Reader Integer Overflow (APSB17-11: CVE-2017-3034)

An integer overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a parsing error in XML Forms Architecture XFA engine in Adobe Reader and Acrobat. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3033)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3027)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...