7.5
CVE-2017-3009
- EPSS 1.25%
- Veröffentlicht 31.03.2017 16:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle psirt@adobe.com
- Teams Watchlist Login
- Unerledigt Login
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Acrobat Dc SwEditionclassic Version >= 15.000.0000 <= 15.006.30244
Adobe ≫ Acrobat Dc SwEditioncontinuous Version >= 15.000.0000 <= 15.020.20042
Adobe ≫ Acrobat Reader Dc SwEditionclassic Version >= 15.000.0000 <= 15.006.30244
Adobe ≫ Acrobat Reader Dc SwEditioncontinuous Version >= 15.000.0000 <= 15.020.20042
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.25% | 0.774 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.