Vulnerability Description
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | <= 11.0.19 |
| Adobe | Acrobat Dc | <= 15.006.30280 |
| Adobe | Acrobat Reader Dc | <= 15.006.30280 |
| Adobe | Reader | <= 11.0.19 |
| Apple | Mac Os X | All versions |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97554Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038228
- https://helpx.adobe.com/security/products/acrobat/apsb17-11.htmlVendor Advisory
- http://www.zerodayinitiative.com/advisories/ZDI-17-258/Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/97554Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038228
- https://helpx.adobe.com/security/products/acrobat/apsb17-11.htmlVendor Advisory
FAQ
What is CVE-2017-3033?
CVE-2017-3033 is a vulnerability with a CVSS score of 3.3 (LOW). Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability when handling JPEG 2000 code-stream tile data.
How severe is CVE-2017-3033?
CVE-2017-3033 has been rated LOW with a CVSS base score of 3.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3033?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat Dc, Adobe Acrobat Reader Dc, Adobe Reader, Apple Mac Os X.