Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-11 CVE-2017-11217 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings.
network
low complexity
adobe CWE-119
6.5
2017-08-11 CVE-2017-11210 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification (XPS) file.
network
low complexity
adobe CWE-119
6.5
2017-08-11 CVE-2017-11209 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification (XPS) file.
network
low complexity
adobe CWE-119
6.5
2017-07-17 CVE-2017-3103 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 9.6.1 and earlier have a stored cross-site scripting vulnerability.
network
low complexity
adobe CWE-79
6.1
2017-07-17 CVE-2017-3102 Cross-site Scripting vulnerability in Adobe Connect
Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability.
network
low complexity
adobe CWE-79
6.1
2017-07-17 CVE-2017-3100 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class.
network
low complexity
adobe CWE-787
6.5
2017-07-17 CVE-2017-3080 Unspecified vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer.
network
low complexity
adobe
6.5
2017-04-27 CVE-2017-3008 Cross-site Scripting vulnerability in Adobe Coldfusion 10.0/11.0/2016
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability.
network
low complexity
adobe CWE-79
6.1
2017-04-12 CVE-2017-3053 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of the APP13 segment in JPEG files.
local
low complexity
adobe CWE-125
5.5
2017-04-12 CVE-2017-3052 Out-of-bounds Read vulnerability in Adobe products
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have a memory address leak vulnerability in the image conversion engine, related to parsing of EMF - enhanced meta file format.
local
low complexity
adobe CWE-125
5.5