Vulnerability Description
An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Indesign | <= 12.1.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101840Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039785Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/indesign/apsb17-38.htmlVendor Advisory
- http://www.securityfocus.com/bid/101840Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039785Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/indesign/apsb17-38.htmlVendor Advisory
FAQ
What is CVE-2017-11302?
CVE-2017-11302 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in Adobe InDesign 12.1.0 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.
How severe is CVE-2017-11302?
CVE-2017-11302 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-11302?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Indesign.