CVE-2017-2391

CVE Database · CVE-2017-2391

CVE-2017-2391

· N/AModified

CVSS v3.1

N/A

EPSS

0.96%

Published

Apr 1, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are affected. The issue involves the "Export" component. It allows users to bypass iWork PDF password protection by leveraging use of 40-bit RC4.

Weaknesses (CWE)

CWE-326

Affected Products (6)

apple · keynotevulnerable

apple · numbersvulnerable

apple · pagesvulnerable

apple · keynotevulnerable

apple · numbersvulnerable

apple · pagesvulnerable

References (10)

http://www.securityfocus.com/bid/97126

Third Party AdvisoryVDB Entry