CVE-2017-3009
Description
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation could lead to information disclosure.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.909
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-3009,CVE-2017-3010 are fixed in Adobe Reader 11.0.19 update - All languages (APSB17-01) | Windows |
| Vulnerabilities CVE-2017-3009,CVE-2017-3010 are fixed in Adobe Reader 11.0.19 update - Multilingual (MUI) installer (APSB17-01) | Windows |
| Vulnerabilities CVE-2017-3009,CVE-2017-3010 are fixed in Adobe Acrobat DC 15.023.20053 | Windows |
| Vulnerabilities CVE-2017-3009,CVE-2017-3010 are fixed in Adobe Acrobat DC 15.006.30279 | Windows |
| Multiple Vulnerabilities are affected in Adobe Acrobat DC for MAC 15.006.30244 | Mac |
| Multiple Vulnerabilities are affected in Adobe Acrobat Reader DC for MAC 15.020.20042 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-304513 | Adobe Reader 11.0.19 update - All languages (APSB17-01) |
| PATCH-304514 | Adobe Reader 11.0.19 update - Multilingual (MUI) installer (APSB17-01) |
| PATCH-343120 | Adobe Acrobat Reader DC (24.004.20272) |
| PATCH-315460 | Adobe Acrobat DC Pro and Standard (Classic Track) update - All languages (15.006.30527) (APSB20-48) |
| PATCH-611991 | Adobe Acrobat DC for MAC (25.001.20693)(Deployment-Only) |
| PATCH-611989 | Adobe Acrobat Reader DC for MAC (25.001.20693)(Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234