Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrary code execution.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/95340 - | |
References | () http://www.securitytracker.com/id/1037574 - | |
References | () http://www.zerodayinitiative.com/advisories/ZDI-17-026 - | |
References | () https://helpx.adobe.com/security/products/acrobat/apsb17-01.html - Patch, Vendor Advisory |
Information
Published : 2017-01-11 04:59
Updated : 2024-11-21 03:24
NVD link : CVE-2017-2962
Mitre link : CVE-2017-2962
CVE.ORG link : CVE-2017-2962
JSON object : View
Products Affected
apple
- mac_os_x
adobe
- acrobat
- acrobat_reader_dc
- reader
- acrobat_dc
microsoft
- windows
CWE
CWE-704
Incorrect Type Conversion or Cast