CVE-2017-3035

Adobe Acrobat Reader (affected: 11.0.19 and earlier; 15.006.30280 and earlier; 15.023.20070 and earlier) contains a use-after-free vulnerability in the XML Forms Architecture (XFA) engine (CVE-2017-3035). Exploitation could lead to arbitrary code execution. The connected documents acknowledge CVE...

CVE-2017-3036

CVE-2017-3036 affects Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, and 15.023.20070 and earlier, with an exploitable memory corruption vulnerability in the PCX image format processing. The issue is triggered during image conversion and could lead to arbitrary code ...

CVE-2017-3039

CVE-2017-3039 affects Adobe Acrobat Reader (Windows/macOS) where memory corruption in the PPKLite security handler could allow arbitrary code execution. Affected versions include Acrobat Reader 11.0.19 and earlier; 15.006.30280 and earlier; and 15.023.20070 and earlier. The vulnerability descript...

CVE-2017-3043

Adobe Acrobat Reader (Windows/macOS) versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier are affected by a memory address leak in the collaboration feature (CVE-2017-3043). The connected sources confirm the same CVE entry is associated with these builds; no exploitati...

CVE-2017-3051

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of JPEG files. Successful exploitation could lead to arbitrary code execution...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3036)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while opening a PCX file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PCX file with Adobe Reader...

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3014)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

Adobe Acrobat and Reader Use After Free (APSB17-11: CVE-2017-3057)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3056)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3019)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3017)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

Adobe Patches 59 Vulnerabilities Across Flash, Reader, Photoshop

Adobe patched 59 vulnerabilities in five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App as part of its regularly scheduled software update today. The company warned in a series of security bulletins posted shortly before noo...

Adobe Releases Security Updates

Adobe has released security updates to address vulnerabilities in Adobe Campaign, Flash Player, Acrobat and Reader, Photoshop CC, and Creative Cloud. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are...

Adobe Reader DC XFA dashDotDot Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's...

APSB17-11 Security update available for Adobe Acrobat and Reader

Adobe has released security updates for Adobe Acrobat and Reader for Windows and Macintosh. These updates address critical vulnerabilities that could potentially allow an attacker to take control of the affected system...

Adobe Acrobat and Reader Heap Overflow (APSB17-01: CVE-2017-2971)

A code execution vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to heap overflow vulnerability in the JPEG decoder routine. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPEG file...

Adobe Flash Player Use After Free Code Execution (APSB17-07: CVE-2017-3001)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

CVE-2017-2970

CVE-2017-2970 refers to an exploitable heap overflow in the XSLT engine of Adobe Acrobat Reader/Reader DC, related to template manipulation. Affected versions include: 15.020.20042 and earlier, 15.006.30244 and earlier, and 11.0.18 and earlier. The confirmed impact is arbitrary code execution if ...

Adobe Acrobat and Reader Type Confusion (APSB17-01: CVE-2017-2962)

A type confusion vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file with an...

Adobe Acrobat and Reader Use After Free (APSB17-01: CVE-2017-2961)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...