CVE-2017-2929

MEDIUM

Adobe Acrobat - XSS

Title source: rule

Description

Adobe Acrobat Chrome extension version 15.1.0.3 and earlier have a DOM-based cross-site scripting vulnerability. Successful exploitation could lead to JavaScript code execution.

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/95693

[Patch, Vendor Advisory] https://helpx.adobe.com/security/products/acrobat/apsb17-03.html

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1037687

Scores

CVSS v3 6.1

EPSS 0.0387

EPSS Percentile 88.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Classification

CWE

CWE-79

Status published

Affected Products (2)

adobe/acrobat

n/a/Adobe Acrobat Extension for Chrome 15.1.0.3 < Adobe Acrobat Extension for Chrome 15.1.0.3

Timeline

Published Jan 24, 2017

Tracked Since Feb 18, 2026