Vulnerability Description
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-stream parsing.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Acrobat | <= 11.0.19 |
| Adobe | Acrobat Dc | <= 15.006.30280 |
| Adobe | Acrobat Reader Dc | <= 15.006.30280 |
| Adobe | Reader | <= 11.0.19 |
| Apple | Mac Os X | All versions |
| Microsoft | Windows | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/97554Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038228
- https://helpx.adobe.com/security/products/acrobat/apsb17-11.htmlVendor Advisory
- http://www.zerodayinitiative.com/advisories/ZDI-17-270/Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/97554Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038228
- https://helpx.adobe.com/security/products/acrobat/apsb17-11.htmlVendor Advisory
FAQ
What is CVE-2017-3046?
CVE-2017-3046 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the JPEG 2000 parser, related to contiguous code-strea...
How severe is CVE-2017-3046?
CVE-2017-3046 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-3046?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat Dc, Adobe Acrobat Reader Dc, Adobe Reader, Apple Mac Os X.