CVE-2017-2947

CVE-2017-2947

Name

CVE-2017-2947

Description

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF).

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
psirt@adobe.com	http://www.securityfocus.com/bid/95348
psirt@adobe.com	http://www.securitytracker.com/id/1037574
Patch	https://helpx.adobe.com/security/products/acrobat/apsb17-01.html

Type

URI

psirt@adobe.com

http://www.securityfocus.com/bid/95348

psirt@adobe.com

http://www.securitytracker.com/id/1037574

Patch

https://helpx.adobe.com/security/products/acrobat/apsb17-01.html

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:adobe:acrobat::::::::`	acrobat	>= None	<= 11.0.18
`cpe:2.3:a:adobe:acrobat_dc:::::classic:::*`	acrobat_dc	>= None	<= 15.006.30244
`cpe:2.3:a:adobe:acrobat_dc:::::continuous:::*`	acrobat_dc	>= None	<= 15.020.20042
`cpe:2.3:a:adobe:acrobat_reader_dc:::::classic:::*`	acrobat_reader_dc	>= None	<= 15.006.30244
`cpe:2.3:a:adobe:acrobat_reader_dc:::::continuous:::*`	acrobat_reader_dc	>= None	<= 15.020.20042
`cpe:2.3:a:adobe:reader::::::::`	reader	>= None	<= 11.0.18

CPE URI

Source package

Min version

Max version

cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*

acrobat

>= None

<= 11.0.18

cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*

acrobat_dc

>= None

<= 15.006.30244

cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*

acrobat_dc

>= None

<= 15.020.20042

cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*

acrobat_reader_dc

>= None

<= 15.006.30244

cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*

acrobat_reader_dc

>= None

<= 15.020.20042

cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*

reader

>= None

<= 11.0.18

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
reader	edge-community	0.5.0-r6	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.5.0-r5	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.5.0-r4	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.5.0-r3	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.5.0-r2	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.5.0-r1	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.5.0-r0	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.4.7-r3	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.4.7-r2	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.4.7-r1	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.4.7-r0	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.4.5-r2	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.4.5-r1	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	edge-community	0.4.5-r0	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	3.23-community	0.5.0-r6	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	3.23-community	0.5.0-r5	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	3.22-community	0.5.0-r4	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	3.22-community	0.5.0-r3	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	3.22-community	0.5.0-r2	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	3.22-community	0.5.0-r1	Adam Thiede <me@adamthiede.com>	possibly vulnerable
reader	3.22-community	0.4.5-r5	Adam Thiede <me@adamthiede.com>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

reader

edge-community

0.5.0-r6

Adam Thiede <me@adamthiede.com>

possibly vulnerable

reader

edge-community