CVE-2017-11308

Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Published: May 19, 2018
Updated: Apr 13, 2023
CVE: CVE-2017-11308
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
adobe / acrobat	11.0.0	11.0.22.x
adobe / acrobat	17.011.30066	17.011.30068
adobe / acrobat_dc	15.006.30355	15.006.30392
adobe / acrobat_dc	17.012.20098	18.009.20044
adobe / acrobat_reader	11.0.0	11.0.22.x
adobe / acrobat_reader	17.011.30066	17.011.30068
adobe / acrobat_reader_dc	15.006.30355	15.006.30392
adobe / acrobat_reader_dc	17.012.20098	18.009.20044

https://helpx.adobe.com/security/products/acrobat/apsb17-36.html

Vulnerability Database

CVE-2017-11308