{ "id": "CVE-2017-11229", "sourceIdentifier": "psirt@adobe.com", "published": "2017-08-11T19:29:00.743", "lastModified": "2024-11-21T03:07:22.240", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)." }, { "lang": "es", "value": "Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de omisi\u00f3n de seguridad cuando se manipula el formato Forms Data Format (FDF)." } ], "metrics": { "cvssMetricV30": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.8, "impactScore": 5.9 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "baseScore": 6.8, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.0.0", "versionEndIncluding": "11.0.20", "matchCriteriaId": "A30D9514-FE2E-4A9C-9500-16890F53E970" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.011.00000", "versionEndIncluding": "17.011.30066", "matchCriteriaId": "7C9B6745-48B3-47D5-B624-3321E9058FB6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*", "versionStartIncluding": "15.006.30060", "versionEndIncluding": "15.006.30306", "matchCriteriaId": "99D08096-DEEA-4409-835A-68479002FF0F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", "versionStartIncluding": "15.007.20033", "versionEndIncluding": "17.009.20058", "matchCriteriaId": "C7A7FA12-9250-4E26-87AE-D5413A1B7D83" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "versionStartIncluding": "17.011.00000", "versionEndIncluding": "17.011.30066", "matchCriteriaId": "11A0E83A-9D77-4A0B-90DE-386D21D54146" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*", "versionStartIncluding": "15.006.30060", "versionEndIncluding": "15.006.30306", "matchCriteriaId": "0E4BAFB4-C5F3-4033-9876-AC3CF37206F8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", "versionStartIncluding": "15.007.20033", "versionEndIncluding": "17.009.20058", "matchCriteriaId": "7C578153-11EF-4F8D-9137-4F7AB8024D7E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*", "versionStartIncluding": "11.0.0", "versionEndIncluding": "11.0.20", "matchCriteriaId": "1F87CC97-6ED7-4AF1-B7B7-F89EA09A68DB" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574" }, { "vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256" } ] } ] } ], "references": [ { "url": "http://www.securityfocus.com/bid/100186", "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "http://www.securitytracker.com/id/1039098", "source": "psirt@adobe.com", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", "source": "psirt@adobe.com", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/bid/100186", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "http://www.securitytracker.com/id/1039098", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ] }, { "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ] } ] }