Lucene search
Ke Liu of Tencent's Xuanwu LABZDI-17-253HistoryApr 11, 2017 - 12:00 a.m.
Adobe Reader DC JPEG2000 Out-Of-Bounds Write Remote Code Execution Vulnerability
2017-04-1100:00:00
Ke Liu of Tencent's Xuanwu LAB
www.zerodayinitiative.com
20
EPSS
0.004
Percentile
74.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JPEG2000 images. The process does not properly validate user-supplied data which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
cvelist
cvelist
CVE-2017-3023
2017-04-12 14:00:00
cve
cve
CVE-2017-3023
2017-04-12 14:59:01
prion
prion
Memory corruption
2017-04-12 14:59:00
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Reader Memory Corruption (APSB17-11: CVE-2017-3023)
2017-04-13 00:00:00
nvd
nvd
CVE-2017-3023
2017-04-12 14:59:01
openvas
openvas
Adobe Acrobat Security Updates (APSB17-11) - Mac OS X
2017-04-14 00:00:00
Adobe Reader Security Updates (APSB17-11) - Windows
2017-04-14 00:00:00
Adobe Acrobat DC (Continuous Track) Security Updates (APSB17-11) - Mac OS X
2018-03-12 00:00:00
nessus
nessus
adobe
adobe
APSB17-11 Security update available for Adobe Acrobat and Reader
2017-04-06 00:00:00
trendmicroblog
trendmicroblog