CVE-2017-3009

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure.

Published: Mar 31, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-3009
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
adobe / acrobat	11.0.0	11.0.18.x
adobe / acrobat_dc	15.000.0000	15.006.30244.x
adobe / acrobat_dc	15.000.0000	15.020.20042.x
adobe / acrobat_reader_dc	15.000.0000	15.006.30244.x
adobe / acrobat_reader_dc	15.000.0000	15.020.20042.x
adobe / reader	11.0.0	11.0.18.x

http://www.securityfocus.com/bid/97302
https://helpx.adobe.com/security/products/acrobat/apsb17-01.html

Vulnerability Database

290,206

CVE-2017-3009