PT-2017-15641 · Adobe · Digital Editions

Published

2017-06-20

Updated

2019-10-03

CVE-2017-3090

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Digital Editions versions 4.5.4 and earlier

Description The issue is due to unsafe library loading of browser-related library extensions in the installer plugin. A successful exploitation could lead to arbitrary code execution.

Recommendations For Adobe Digital Editions versions 4.5.4 and earlier, update to a version later than 4.5.4 to resolve the issue.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2017-3090

Affected Products

Digital Editions

PT-2017-15641 · Adobe · Digital Editions

CVE-2017-3090

Weakness Enumeration

Related Identifiers

Affected Products

References · 5