CVE-2017-16367 Information

Description

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions 2017.011.30066 and earlier versions 2015.006.30355 and earlier versions and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion overflow vulnerability. The vulnerability leads to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads or writes – potentially leading to code corruption control-flow hijack or an information leak attack.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/101815 http://www.securitytracker.com/id/1039791 https://helpx.adobe.com/security/products/acrobat/apsb17-36.html

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.8