admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-163xx/CVE-2017-16362.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

169 lines
6.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-16362",
"sourceIdentifier": "psirt@adobe.com",
"published": "2017-12-09T06:29:01.007",
"lastModified": "2017-12-14T18:56:44.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of an out of bounds read vulnerability in the MakeAccesible plugin, when handling font data. It causes an out of bounds memory access, which sometimes triggers an access violation exception. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes, or frees, potentially leading to code corruption, control-flow hijack, or an information leak attack."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Adobe Acrobat y Reader: 2017.012.20098 y versiones anteriores, 2017.011.30066 y versiones anteriores, 2015.006.30355 y versiones anteriores y 11.0.22 y versiones anteriores. La vulnerabilidad es un ejemplo de lectura fuera de l\u00edmites en el plugin MakeAccesible, al manipular datos de fuentes. Provoca un acceso a la memoria fuera de l\u00edmites, lo que, a veces, desencadena una excepci\u00f3n de violaci\u00f3n de acceso. Los atacantes pueden explotar esta vulnerabilidad empleando el acceso fuera de l\u00edmites para lecturas, escrituras o liberaciones no planeadas. Esto podr\u00eda desembocar en la corrupci\u00f3n de c\u00f3digo, secuestro del flujo de control o un ataque de filtrado de informaci\u00f3n."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"versionEndIncluding": "11.0.22",
"matchCriteriaId": "43C26AAA-3620-4229-AEFC-78AB3B2AAACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.011.30066",
"matchCriteriaId": "2AD1E919-28D9-4C88-B8F9-95E062E9F9D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "-",
"versionEndIncluding": "17.012.20098",
"matchCriteriaId": "43E90FF1-8078-4B18-A492-507E6129D10D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.0",
"versionEndIncluding": "15.006.30355",
"matchCriteriaId": "E45BE50E-04BE-49BE-8AFD-DFFAE6D11538"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"versionEndIncluding": "11.0.22",
"matchCriteriaId": "FA8E1E9D-FE27-4916-9BB3-D3E92BBB5641"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.011.30066",
"matchCriteriaId": "9346604B-ADB0-471B-9F81-8560E3F516AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "-",
"versionEndIncluding": "17.012.20098",
"matchCriteriaId": "2A50612A-DC1B-4F64-BF9F-748A15EC6610"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.0",
"versionEndIncluding": "15.006.30355",
"matchCriteriaId": "394E8F26-2B1C-47ED-85F9-32BC5E04EC3A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.securityfocus.com/bid/102140",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1039791",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb17-36.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink