CVE-2016-6979

Name of the Vulnerable Software and Affected Versions Adobe Reader versions (affected versions not specified) Adobe Acrobat versions (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in memory usage, which can be exploited by a remote attacker to execute arbitrary code. This vulnerability affects programs for viewing PDF files, such as Adobe Reader and Adobe Reader Document Cloud, as well as programs for editing PDF files, like Adobe Acrobat and Adobe Acrobat Document Cloud.

Recommendations For Adobe Reader, update to a version that includes a fix for this issue. For Adobe Acrobat, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting the use of the affected PDF parsing functionality until a patch is available. Avoid using the vulnerable XSLT parsing feature in Adobe Reader DC until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.