Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2017-01-10 20:59
Updated : 2017-01-17 18:59
NVD link : CVE-2017-2959
Mitre link : CVE-2017-2959
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
microsoft
- windows
adobe
- acrobat
- acrobat_reader_dc
- reader
- acrobat_dc
apple
- mac_os_x