admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-163xx/CVE-2017-16360.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

193 lines
6.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-16360",
"sourceIdentifier": "psirt@adobe.com",
"published": "2017-12-09T06:29:00.943",
"lastModified": "2024-11-21T03:16:19.910",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the MakeAccessible plugin, when creating an internal data structure. The mismatch between an old and a new object can provide an attacker with unintended memory access -- potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Adobe Acrobat y Reader: 2017.012.20098 y versiones anteriores, 2017.011.30066 y versiones anteriores, 2015.006.30355 y versiones anteriores y 11.0.22 y versiones anteriores. Esta vulnerabilidad es un ejemplo de una vulnerabilidad de uso de memoria previamente liberada en el plugin MakeAccesible, al crear una estructura de datos interna. La no coincidencia entre un objeto nuevo y otro viejo puede proporcionarle a un atacante acceso a la memoria no planeado. Esto podr\u00eda desembocar en la corrupci\u00f3n de c\u00f3digo, secuestro del flujo de control o en un ataque de filtrado de informaci\u00f3n. La explotaci\u00f3n con \u00e9xito de esta vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n arbitraria de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"baseScore": 9.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"versionEndIncluding": "11.0.22",
"matchCriteriaId": "43C26AAA-3620-4229-AEFC-78AB3B2AAACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.011.30066",
"matchCriteriaId": "2AD1E919-28D9-4C88-B8F9-95E062E9F9D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "-",
"versionEndIncluding": "17.012.20098",
"matchCriteriaId": "43E90FF1-8078-4B18-A492-507E6129D10D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.0",
"versionEndIncluding": "15.006.30355",
"matchCriteriaId": "E45BE50E-04BE-49BE-8AFD-DFFAE6D11538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"versionEndIncluding": "11.0.22",
"matchCriteriaId": "FA8E1E9D-FE27-4916-9BB3-D3E92BBB5641"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.011.30066",
"matchCriteriaId": "9346604B-ADB0-471B-9F81-8560E3F516AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "-",
"versionEndIncluding": "17.012.20098",
"matchCriteriaId": "2A50612A-DC1B-4F64-BF9F-748A15EC6610"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.0",
"versionEndIncluding": "15.006.30355",
"matchCriteriaId": "394E8F26-2B1C-47ED-85F9-32BC5E04EC3A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/101818",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1039791",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/101818",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1039791",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink