Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2017-2949

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution.

  • Published: Jan 11, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-2949
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
adobe / acrobat - 11.0.18.x
adobe / acrobat_dc - 15.006.30244.x
adobe / acrobat_dc - 15.020.20042.x
adobe / acrobat_reader_dc - 15.006.30244.x
adobe / acrobat_reader_dc - 15.020.20042.x
adobe / reader - 11.0.18.x