684 matches found
CVE-2017-11224
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA layout engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11218
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in XFA event management. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3120
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to...
CVE-2017-11218
CVE-2017-11218 affects Adobe Acrobat/Reader (including XFA event management) and is due to a use-after-free condition that could lead to arbitrary code execution. Affected products/versions include Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, ...
CVE-2017-11256
CVE-2017-11256 affects Adobe Acrobat Reader and related Acrobat products (XFA layout engine) with a use-after-free vulnerability in content generation. Successful exploitation could lead to arbitrary code execution. The provided documents do not include patch details or affected version ranges be...
CVE-2017-11256
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11257
Technical details for CVE-2017-11257 are not publicly available in the provided documents. Monitor for updates.
CVE-2017-11224
CVE-2017-11224 affects Adobe Acrobat/Reader (various 2017/earlier builds) with the XFA layout engine. It is described as a use-after-free in XFA, with successful exploitation potentially enabling arbitrary code execution (high severity). The connected OpenVAS entries reference this CVE as part of...
CVE-2017-11219
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11219
Adobe Acrobat Reader 2017.x and earlier (versions listed in CVE-2017-11219 entry: 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier) contains an exploitable use-after-free in the XFA rendering engine. Successful exploitation could lead to ...
CVE-2017-11223
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution...
Adobe Acrobat Pro DC XFA PDEContent Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's...
Adobe Acrobat Pro DC XFA nodes Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...
Adobe Reader DC XFA Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA parsing. The...
Adobe Reader DC XFA topInset Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's topInset...
Adobe Reader DC XFA loadXML Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Adobe Acrobat and Reader Type Confusion (APSB17-24: CVE-2017-11257)
A type confusion overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes XFA layout. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Reader DC XFA closeDoc Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Adobe Acrobat and Reader Use After Free (APSB17-24: CVE-2017-11256)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how Adobe processes XFA layout. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file with Adobe Reader...
Adobe Reader DC XFA exportAsXFAStr Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's...