CVE-2017-2954

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 15.020.20042 Adobe Acrobat Reader versions prior to 15.020.20042 Adobe Acrobat versions prior to 15.006.30244 Adobe Acrobat Reader versions prior to 15.006.30244 Adobe Acrobat versions prior to 11.0.18 Adobe Acrobat Reader versions prior to 11.0.18

Description The issue is related to a memory corruption vulnerability in the image conversion module when handling malformed TIFF images. This could lead to arbitrary code execution if successfully exploited. The vulnerability is caused by a buffer overflow in memory, allowing a remote attacker to execute arbitrary code by processing a corrupted TIFF image.

Recommendations For Adobe Acrobat and Reader versions prior to 15.020.20042, update to a version later than 15.020.20042 to resolve the issue. For Adobe Acrobat and Reader versions prior to 15.006.30244, update to a version later than 15.006.30244 to resolve the issue. For Adobe Acrobat and Reader versions prior to 11.0.18, update to a version later than 11.0.18 to resolve the issue. As a temporary workaround, consider avoiding the use of the image conversion module for TIFF images until a patch is available.