Vulnerability Description
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The issue is a stack exhaustion problem within the JavaScript API, where the computation does not correctly control the amount of recursion that can happen with respect to system resources.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | <= 11.0.22 |
| Adobe | Acrobat Dc | >= -, <= 17.012.20098 |
| Adobe | Acrobat Reader | <= 11.0.22 |
| Adobe | Acrobat Reader Dc | >= -, <= 17.012.20098 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101817Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039791Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/acrobat/apsb17-36.htmlBroken Link
- http://www.securityfocus.com/bid/101817Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039791Third Party AdvisoryVDB Entry
- https://helpx.adobe.com/security/products/acrobat/apsb17-36.htmlBroken Link
FAQ
What is CVE-2017-16419?
CVE-2017-16419 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. Th...
How severe is CVE-2017-16419?
CVE-2017-16419 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-16419?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat Dc, Adobe Acrobat Reader, Adobe Acrobat Reader Dc.