CVE-2017-16362

Name of the Vulnerable Software and Affected Versions Adobe Acrobat and Reader versions 2017.012.20098 and earlier Adobe Acrobat and Reader versions 2017.011.30066 and earlier Adobe Acrobat and Reader versions 2015.006.30355 and earlier Adobe Acrobat and Reader versions 11.0.22 and earlier

Description The issue is an out of bounds read vulnerability in the MakeAccesible plugin when handling font data, causing an out of bounds memory access. This can trigger an access violation exception and potentially lead to code corruption, control-flow hijack, or an information leak attack. Attackers can exploit the vulnerability for unintended reads, writes, or frees, and it allows remote code execution.

Recommendations For versions 2017.012.20098 and earlier, update to a version later than 2017.012.20098. For versions 2017.011.30066 and earlier, update to a version later than 2017.011.30066. For versions 2015.006.30355 and earlier, update to a version later than 2015.006.30355. For versions 11.0.22 and earlier, update to a version later than 11.0.22. As a temporary workaround, consider disabling the MakeAccesible plugin until a patch is available.