CVE-2017-3090

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe…

adobe·CWE-427·Published 2017-06-20

CVSS

—

EPSS

0.09

KEV

Exploits

cve.orgen

280 chars

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the installer plugin. A successful exploitation could lead to arbitrary code execution.

NVDen

280 chars

NVDes

344 chars

Adobe Digital Editions versiones 4.5.4 y anteriores contienen una vulnerabilidad de carga de librería insegura. La vulnerabilidad se debe a la carga insegura de la biblioteca de extensiones de biblioteca relacionadas con el navegador en el complemento de instalación. Una explotación exitosa podría conducir a la ejecución de código arbitrario.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H