Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.

Related CVEs

CVE-2017-2959

Key Information

GHSA ID

GHSA-54fp-2qxq-mm63

Published

May 17, 2022 3:04 AM

Last Modified

May 17, 2022 3:04 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 16, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.