Vulnerability Details CVE-2017-3097
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.233
EPSS Ranking 95.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://www.securityfocus.com/bid/99024
- http://www.securitytracker.com/id/1038658
- https://helpx.adobe.com/security/products/Digital-Editions/apsb17-20.html
- http://www.securityfocus.com/bid/99024
- http://www.securitytracker.com/id/1038658
- https://helpx.adobe.com/security/products/Digital-Editions/apsb17-20.html
Products affected by CVE-2017-3097
-
cpe:2.3:a:adobe:digital_editions:-
-
cpe:2.3:a:adobe:digital_editions:2.0.0
-
cpe:2.3:a:adobe:digital_editions:2.0.1
-
cpe:2.3:a:adobe:digital_editions:4.0.0
-
cpe:2.3:a:adobe:digital_editions:4.0.1
-
cpe:2.3:a:adobe:digital_editions:4.0.2
-
cpe:2.3:a:adobe:digital_editions:4.0.3
-
cpe:2.3:a:adobe:digital_editions:4.5.0
-
cpe:2.3:a:adobe:digital_editions:4.5.1
-
cpe:2.3:a:adobe:digital_editions:4.5.2
-
cpe:2.3:a:adobe:digital_editions:4.5.3
-
cpe:2.3:a:adobe:digital_editions:4.5.4