CVE-2017-3120

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA parsing engine when handling certain types of internal instructions. Successful exploitation could lead to arbitrary code execution.
References
Link Resource
https://helpx.adobe.com/security/products/acrobat/apsb17-24.html Patch Vendor Advisory
http://www.securitytracker.com/id/1039098 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/100182 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Information

Published : 2017-08-11 12:29

Updated : 2019-08-21 09:19


NVD link : CVE-2017-3120

Mitre link : CVE-2017-3120


JSON object : View

CWE
CWE-416

Use After Free

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows

adobe

  • acrobat
  • acrobat_reader_dc
  • reader
  • acrobat_dc

apple

  • mac_os_x