Adobe Digital Editions < 4.5.4 Multiple Vulnerabilities (APSB17-05)
Critical Nessus Plugin ID 97214
SynopsisAn application installed on the remote Windows host is affected by multiple vulnerabilities.
DescriptionThe version of Adobe Digital Editions installed on the remote Windows host is prior to 4.5.4. It is, therefore, affected by multiple vulnerabilities :
- A heap buffer overflow condition exists that allows an unauthenticated, remote attacker to execute arbitrary code. (CVE-2017-2973).
- Multiple buffer overflow conditions exist that allow an unauthenticated, remote attacker to disclose memory contents. (CVE-2017-2974, CVE-2017-2975, CVE-2017-2976, CVE-2017-2978, CVE-2017-2977, CVE-2017-2979, CVE-2017-2980, CVE-2017-2981)
SolutionUpgrade to Adobe Digital Editions version 4.5.4 or later.