CVE-2017-11308

CRITICAL

Adobe Acrobat and Reader < 11.0.22, 15.006.30355-15.006.30392, 17.012.20098-18.009.20044 - Heap Overflow

Title source: llm
STIX 2.1

Description

Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

References (1)

Core 1
Core References

Scores

CVSS v3 9.8
EPSS 0.0801
EPSS Percentile 94.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (6)
adobe/acrobat 11.0.0 - 11.0.22
adobe/acrobat_dc 15.006.30355 - 15.006.30392
adobe/acrobat_dc 17.012.20098 - 18.009.20044
adobe/acrobat_reader 11.0.0 - 11.0.22
adobe/acrobat_reader_dc 15.006.30355 - 15.006.30392
adobe/acrobat_reader_dc 17.012.20098 - 18.009.20044
Published May 19, 2018
Tracked Since Feb 18, 2026