CVE-2017-11245 - CVE Vulnerability

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution. (CVSS:4.3) (Last Update:2017-08-17)

Vulnerability Details : Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) private data. Successful exploitation could lead to arbitrary code execution. Publish Date : 2017-08-11 Last Update Date : 2017-08-17 - CVSS Scores & Vulnerability Types CVSS Score 4.3 Confidentiality Impact Partial(There is considerable informational disclosure.) Integrity Impact None(There is no impact to the integrity of the system) Availability Impact None(There is no impact to the availability of the system.) Access Complexity Medium(The access conditions are somewhat specialized. Some preconditions must be satistified to exploit) Authentication Not required(Authentication is not required to exploit the vulnerability.) Gained Access None Vulnerability Type(s) Execute CodeMemory corruptionObtain Information CWE ID 200 - Products Affected By CVE-2017-11245 # Product Type Vendor Product Version Update Edition Language 1 Application Adobe Acrobat 11.0.20 Version Details Vulnerabilities 2 Application Adobe Acrobat 2017.008.30051 Version Details Vulnerabilities 3 Application Adobe Acrobat Dc 2015.006.30306 ~~classic~~~ Version Details Vulnerabilities 4 Application Adobe Acrobat Dc 2017.009.20058 ~~continuous~~~ Version Details Vulnerabilities 5 Application Adobe Acrobat Reader 2017.008.30051 Version Details Vulnerabilities 6 Application Adobe Acrobat Reader Dc 2015.006.30306 ~~classic~~~ Version Details Vulnerabilities 7 Application Adobe Acrobat Reader Dc 2017.009.20058 ~~continuous~~~ Version Details Vulnerabilities 8 Application Adobe Reader 11.0.20 Version Details Vulnerabilities - Number Of Affected Versions By Product Vendor Product Vulnerable Versions Adobe Acrobat 2 Adobe Acrobat Dc 2 Adobe Acrobat Reader 1 Adobe Acrobat Reader Dc 2 Adobe Reader 1 - References For CVE-2017-11245 http://www.securityfocus.com/bid/100184 BID 100184 Adobe Acrobat and Reader APSB17-24 Multiple Unspecified Memory Corruption Vulnerabilities Release Date:2017-08-08 http://www.securitytracker.com/id/1039098 SECTRACK 1039098 https://helpx.adobe.com/security/products/acrobat/apsb17-24.html CONFIRM - Vulnerability Conditions Vulnerability is valid if product versions listed below are used TOGETHER WITH(AND) Adobe Acrobat 11.0.20 Adobe Acrobat 2017.008.30051 Adobe Acrobat Dc 2015.006.30306 ~~classic~~~ Adobe Acrobat Dc 2017.009.20058 ~~continuous~~~ Adobe Acrobat Reader 2017.008.30051 Adobe Acrobat Reader Dc 2015.006.30306 ~~classic~~~ Adobe Acrobat Reader Dc 2017.009.20058 ~~continuous~~~ Adobe Reader 11.0.20 Apple Mac Os X Microsoft Windows

- Metasploit Modules Related To CVE-2017-11245 There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)