High severity8.8NVD Advisory· Published Aug 11, 2017· Updated May 13, 2026

CVE-2017-11211

Description

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the JPEG parser. Successful exploitation could lead to arbitrary code execution.

Affected products

Adobe Inc./Acrobat
cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
Range: >=11.0.0,<=11.0.20
Adobe Inc./Acrobat Dc2 versions
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*range: >=15.006.30060,<=15.006.30306
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*range: >=15.007.20033,<=17.009.20058
Adobe Inc./Acrobat Reader
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
Range: >=17.011.00000,<=17.011.30066
Adobe Inc./Acrobat Reader Dc2 versions
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*range: >=15.006.30060,<=15.006.30306
- cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*range: >=15.007.20033,<=17.009.20058
Adobe Inc./Reader
cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*
Range: >=11.0.0,<=11.0.20
Adobe Systems Incorporated/Acrobat Readerv5
Range: 2017.009.20058 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

helpx.adobe.com/security/products/acrobat/apsb17-24.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/100180nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039098nvdThird Party AdvisoryVDB Entry
www.zerodayinitiative.com/advisories/ZDI-17-579/nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.020
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000