Lucene search
Fernando MunozZDI-17-570HistoryAug 08, 2017 - 12:00 a.m.
Adobe Reader DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability
2017-08-0800:00:00
Fernando Munoz
www.zerodayinitiative.com
16
0.003 Low
EPSS
Percentile
71.4%
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within URL parsing. The issue results from the lack of proper validation of user-supplied data which can allow for spoofing URL requests. An attacker can leverage this vulnerability to leak sensitive information.
Related
prion
prion
Information disclosure
2017-08-11 19:29:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Information Disclosure (APSB17-24: CVE-2017-3115)
2017-08-08 00:00:00
nvd
nvd
CVE-2017-3115
2017-08-11 19:29:02
cve
cve
CVE-2017-3115
2017-08-11 19:29:02
cvelist
cvelist
CVE-2017-3115
2017-08-08 00:00:00
nessus
nessus
kaspersky
kaspersky
KLA11086 Multiple vulnerabilities in Adobe Acrobat and Adobe Reader
2017-08-08 00:00:00
openvas
openvas
Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-24) - Mac OS X
2018-03-09 00:00:00
Adobe Reader Security Updates (APSB17-24) - Windows
2017-08-10 00:00:00
Adobe Acrobat DC (Classic Track) Security Updates (APSB17-24) - Mac OS X
2018-03-09 00:00:00
trendmicroblog
trendmicroblog
adobe
adobe
APSB17-24 Security updates available for Adobe Acrobat and Reader
2017-08-03 00:00:00