Medium severity6.5NVD Advisory· Published Aug 11, 2017· Updated May 13, 2026

CVE-2017-11217

Description

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to drawing of Unicode text strings. Successful exploitation could lead to arbitrary code execution.

Affected products

Adobe Inc./Acrobat
cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
Range: >=11.0.0,<=11.0.20
Adobe Inc./Acrobat Dc2 versions
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*range: >=15.006.30060,<=15.006.30306
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*range: >=15.007.20033,<=17.009.20058
Adobe Inc./Acrobat Reader
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
Range: >=17.011.00000,<=17.011.30066
Adobe Inc./Acrobat Reader Dc2 versions
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*+ 1 more
- cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*range: >=15.006.30060,<=15.006.30306
- cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*range: >=15.007.20033,<=17.009.20058
Adobe Inc./Reader
cpe:2.3:a:adobe:reader:*:*:*:*:*:*:*:*
Range: >=11.0.0,<=11.0.20
Adobe Systems Incorporated/Acrobat Readerv5
Range: 2017.009.20058 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

helpx.adobe.com/security/products/acrobat/apsb17-24.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/100184nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039098nvdThird Party AdvisoryVDB Entry
www.zerodayinitiative.com/advisories/ZDI-17-586nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000